Dutch Data Authority Debuts EU's First GDPR Fining Policy

Industry News 1 min read

The Dutch Data Protection Authority has released the first GDPR fining policy in the EU. It consists of a four-category system, based on company size, the maximum fine and factors including the duration of the offense, the number of people affected and how quickly the company reacts. 

The new GDPR fining policy introduces a four category system, giving various examples depending on company size and maximum fine. For example, if a company’s maximum fine is €10 million, it might face the following fines for less severe violations:

  • Category I: €0 to €200,000
  • Category II: €120,000 to €500,000
  • Category III: €300,000 to €750,000
  • Category IV: €450,000 to €1 million

Read the whole story at The Next Web »

purple bike leaning on black metal fence
Photographer: Leif Niemczik | Source: Unsplash
Netherlands GDPR Fines Data Protection Authority