none

Complete I.T. Blog

Top GDPR Fines: Is Your Business Compliant?

by | Jun 29, 2021 | Data Recovery, GDPR

Three years on, we take a look at some of the biggest GDPR fines to date. Although we are focusing on the biggest fines (and therefore the bigger, well-known brands), it’s important to remember that this can happen to any type of organisation, whether they are small, medium or large.

Google: Fined for not making it clear what user's data would be used for (£43.2 million)

Have you made your consumer data processing statement easily accessible to your customers? Do you have consent from your users to use their data in the way you are using it?

Whenever you collect customer or prospect data, you must explain what that data will be used for and users must accept or decline your use to do so. In the example of Google, it was not transparent that users data would be used to target ads, which led to this substantial fine.

H&M: Fined for secretly monitoring hundreds of employees (£32.1 million)

Are you monitoring your employees without their permission?

Similarly to customer data, when it comes to any data being collected about a member of staff, it is important that you detail why you are collecting that data, what it will be used for and who it will be shared with. In the example of H&M they recorded videos of staff returning from holiday or sick leave and this data was shared with managers. Employees were unaware this was happening, which led to the fine H&M received.

British Airways: Fined after website users were directed to a fraudulent site which lead to customer’s personal data being leaked (£20million)

Could your business bounce back after a data breach?

Implementing a robust cyber security and disaster recovery solutions should be a priority to all organisations. Your data recovery strategy should outline how your organisation will respond to all possible data loss situations as unfortunately, as well as heavy fines and damage to brand reputation, research suggests  90% of small businesses fail within 2 years after being struck by a disaster. So If you are not prepared, you are less likely to survive.

In the case of British Airways. hackers gained access to 400,000 peoples personal data, including their booking details, names, addresses and credit card details.

If the worst-case scenario happens, it’s essential that your business is able to respond quickly and has a plan in place to resume operations with minimal disruption.

You can also get in touch by clicking the button below.

Discuss your IT Today

Discuss your IT Today

Discuss your IT Today

Discuss your IT Today

Discuss your IT Today

Website Pop up - Have you registered yet data protection Webinar

Get In Touch

Contact Us

Head Office 01628 243 057
Email info@complete-it.co.uk


Peterborough – 01733 731 367
Swindon – 01793 934 307
Oxford – 01865 800 008
Bristol – 01172 420 786
High Wycombe – 01628 243 057
London – 02078 462 332
Manchester – 01618 234 107
Birmingham –01214 610 315

x