Every EU country has a data regulator. These regulators have a range of enforcement options at their disposal, from politely asking a company to comply up to a fine of €20m or 4% of global revenues.
You can see a list of previous enforcement action and adjudication decisions by the British Information Commissioner's Office at the link below. These are all under the old Data Protection Directive, which was broadly similar to GDPR but somewhat lacking in teeth. You'll see everything from a slap on the wrist to six-figure fines.
You can see a list of previous enforcement action and adjudication decisions by the British Information Commissioner's Office at the link below. These are all under the old Data Protection Directive, which was broadly similar to GDPR but somewhat lacking in teeth. You'll see everything from a slap on the wrist to six-figure fines.
https://ico.org.uk/action-weve-taken/enforcement/
https://icosearch.ico.org.uk/s/search.html?collection=ico-me...