There will be two levels of fines and penalities based on the GDPR.
(1) The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher.
(2) The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher.
The potential fines are substantial and a good reason for companies to ensure compliance with the Regulation.