Privacy Europe


As technology develops, the amount of personal information collected, used, stored, transferred and disposed by organizations and companies increases. Hence, there is a higher risk that data will be breached at some point. Over the past few years, several data protection laws and regulations have been enacted which impose fines when companies don’t comply with the regulations.


Being non-compliant with privacy rules can be punishable by fines, decided by authorities or courts. In case of strong violations, some laws can lead to jail sentences.

The maximum fines under the Data Protection Act in the UK range from GBP5000 to GBP500 000. As can be seen from the significant number of security breaches involving personal data, many organisations have not taken data security seriously. In Germany, administrative offences can be punishable by a fine of up to € 25,000, e.g. in case of failing to appoint a data protection official. Companies can also be fined up to € 250,000 in other cases e.g. if a firm collects or processes personal data that is not generally accessible without authorisation.

Bad publicity

Most companies consider bad publicity as a higher risk than getting fined. Data authorities and the media are publishing more information about violations and due to recent scandals, customers and citizens are becoming more and more informed and sensitive to this subject. In Germany, companies like Lidl, Deutsche Telekom and Schlecker have recently been involved in data protection scandals.

Other risks

Depending on the country the authorities are empowered to intervene and freeze illegal processes.

Data Protection Authorities are entitled to check if you really fulfill your legal obligations under the Privacy Shield Framework. We advise you to submit your annual self-certification through our dedicated Services.

Privacy Europe | Services | European Network | Risks | European Privacy Framework | Compliance | Contact | About | Privacy Policy | Imprint ©
All Rights Reserved.