Close this search box.
AI-based solution designed to automate personal data discovery and classification
Discover personal data across multiple systems in the cloud or on-premise
Harbor cooperation between DPO, Legal Services, IT and Marketing
Turn data subject request into an automated workflow with a clear insight into data every step of the way
Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation
Guide your partners trough vendor management process workflow
Identifying the risk from the point of view of Data Subject
Quickly respond, mitigate damage and maintain compliance
Consolidate your data and prioritize your relationship with customers
Privacy portal allows customers to communicate their requests and preferences at any time
Introducing end-to end automation of personal data removal

Latest Blog posts

Learn the terms

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

GDPR fines

The General Data Protection Regulation recognizes two levels of fines:

  1. The less severe violation can result in penalties up to €10 million, or in the case of an undertaking, 2% of the organization’s global turnover of the preceding fiscal year, whichever is higher  Art. 83(4) GDPR. These fines are usually issued for violations connected with record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements
  2. For especially severe violations, listed in Art. 83(5) GDPR, the fine framework can be up to €20 million euros, or up to 4 % of their total global turnover of the preceding fiscal year, whichever is higher. For violations relating to data protection principles, the legal basis for processing, information to data subjects, the prohibition of processing sensitive data, denial of data subjects’ rights, and data transfers to non-EU countries.

According to Article 83, GDPR, each individual fine should be effective, proportionate, and dissuasive, taking into account:

  • ➡️ the nature, gravity, and duration of the violation,
    ➡️ the intentional or negligent character of the infringement;
    ➡️ actions taken by the data controller or data processor to mitigate the damage suffered by data subjects
    ➡️ the degree of responsibility of the controller or processor (related to technical and organizational measures)
    ➡️ the previous violations by the data controller or data processor;
    ➡️ cooperation with the supervisory authority,
    ➡️affected categories of personal data
    ➡️how did the supervisory authority learn about the violation
    ➡️ where measures previously ordered against the controller or processor regarding the same subject
    ➡️ compliance with approved codes of conduct or approved certification mechanisms
    ➡️ any other factor applicable to the circumstances of the case
All glossaries
  • All
  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • K
  • L
  • M
  • N
  • O
  • P
  • R
  • S
  • T
  • U
  • V
Scroll to Top