|
|
|
|
|
|
by ed
2581 days ago
|
|
|
GDPR does make exceptions for companies with fewer than 250 employees. https://gdpr.algolia.com/gdpr-article-30#section-15 Also this kind of legal DOS is almost definitely against the spirit of the law and I’d be surprised to see any real company use significant resources to respond. |
|
|
Small businesses are still, for example, subject to abusive SARs of the kind used for illustration here. They're still required to write documentation like privacy policies according to the new standards. And unlike large organisations, where there is the 4% cap on fines, a small organisation faces an existential threat if regulators decide to impose heavy fines, which they have considerable powers to do.