The impact of Europe’s General Data Protection Regulation (GDPR) is starting to hit home.
Fines are getting bigger, more companies are being fined and more Supervisory Authorities in Europe are taking action.
Total GDPR fines in 2019 reached a mind-boggling €417.5 million, almost 1,000 times higher than 2018. 750 companies received GDPR-related fines during the year, making the average GDPR fine around €500,000.
GDPR for Startups
In November 2019, Uber was fined €600,000 by the Dutch regulator following a data breach in 2016 that affected more than 50 million users.
The increasing number of fines means that it’s only a matter of time before a smaller startup receives a fine. On average, the size of a GDPR fine in 2019 was about equivalent to an average startup’s seed round – or in other words...not worth the risk!
Steps towards GDPR compliance
Taking care of customers’ data, ensuring that you’re only collecting the data you reasonably need and only using that data for reasons that you collected it are essential steps towards achieving GDPR compliance for startups.
The first step to taking care of your customers’ data is knowing where the data is, which means ensuring that you know what SaaS products your team are using.
Uncontrolled SaaS subscriptions are a key GDPR risk for startups - if you don’t know what SaaS you’re using, you don’t know if the tools you’re using are GDPR compliant.
And if you don’t know if the tools you are using are GDPR compliant, then you’re leaving yourself open to fines. If you need any more motivation to avoid doing so, here's a list of companies who fell on the wrong side of GDPR.
List of GDPR Fines
Source: enforcementtracker.com, provided by CMS Law.Tax
Cledara helps you discover, buy, manage and cancel your SaaS, bringing full transparency to your company’s SaaS stack.