|
|
|
|
|
|
by gcthomas
2950 days ago
|
|
|
Consent is usually not needed, since there are plenty of other lawful reasons for processing data. Small businesses will not usually need a DPO, and neither will many large ones. Small businesses will have proportionate fines, and probably no fines at all for accidental breaches of the law. And no, there is no minimum fine set by GDPR, only maximum fines. Most companies will just get a warning to sort themselves out, if the past behaviour of the regulatory authorities is anything to go by — their emphasis is on getting compliance, so only egregious failures will attract fines, with others directed to carry out specified improvements to their processes. |
|
|