GDPR is complicated, but its violation is punished

GDPR is complicated, but its violation is punished

Also known as GDPR, the General Data Protection Regulation of the EU has been a hard case to crack since its inception, especially for entrepreneurs and small businesses. Large companies usually have a team of security and justice specialists, making it much easier for them to comply with GDPR and adhere to its strict rules.

Specialized Supervisory Authority

The Office for Personal Data Protection of the Slovak Republic is in charge of compliance with the Data Protection Regulation in Slovakia. By May of this year, it had carried out 48 controls, of which 22 have been completed so far.

According to the Office, more than half of the entities were mistaken in the processing of personal data. Those violations of the GDPR were mainly related to the absence of legitimate reasons for the processing of personal data or to the processing other than those intended. Also, informing individuals about the processing of their data is insufficient or not done at all.

Sanctions are not just financial

The Office for Personal Data Protection of the Slovak Republic does not have to impose only a financial fine, which may have a liquidation character. Such a fine may be up to EUR 20 million or up to 4% of the total annual turnover of the company for the previous financial year. However, the fines are also of a non-financial nature, when the entity is subject to a sanction in the form of a measure.

Confusion from GDPR

There are often complaints from the ranks of entrepreneurs and employees that no accompanying commentary or additional documentation has been issued along with GDPR to help implement the European regulation in practice. The implementation of the Personal Data Protection Act is thus much more complex than anticipated, requiring a large amount of funding from individual entities. Entrepreneurs and small businesses have paid several hundreds of euros to implement GDPR, but large businesses had to spend sometimes tens of thousands of euros. Not to mention the time that companies have to invest in implementation.