January 6, 2020

GDPR Fines and Lessons for Startups

Security & Compliance

GDPR fines are getting larger and more frequent. An average fine is now more than $500,000, making a GDPR fine equivalent to a whole seed round!

The impact of Europe’s General Data Protection Regulation (GDPR) is starting to hit home.

Fines are getting bigger, more companies are being fined and more Supervisory Authorities in Europe are taking action.

Total GDPR fines in 2019 reached a mind-boggling €417.5 million, almost 1,000 times higher than 2018. 750 companies received GDPR-related fines during the year, making the average GDPR fine around €500,000.

Cumulative GDPR Fines over time
Source: enforcementtracker.com, provided by CMS Law.Tax

GDPR for Startups

In November 2019, Uber was fined €600,000 by the Dutch regulator following a data breach in 2016 that affected more than 50 million users.

The increasing number of fines means that it’s only a matter of time before a smaller startup receives a fine. On average, the size of a GDPR fine in 2019 was about equivalent to an average startup’s seed round – in other words, not worth the risk!

Steps towards GDPR compliance

Taking care of customers’ data, ensuring that you’re only collecting the data you reasonably need, and only using that data for the reasons you collected it are essential steps towards achieving GDPR compliance for startups.

The first step to taking care of your customers’ data is knowing where the data is, which means ensuring that you know what SaaS products your team are using.

Uncontrolled SaaS subscriptions are a key GDPR risk for startups - if you don’t know what SaaS you’re using, you don’t know if the tools you’re using are GDPR compliant.

And if you don’t know if the tools you are using are GDPR compliant, then you’re leaving yourself open to fines. If you need any more motivation to avoid doing so, here's a list of companies who fell on the wrong side of GDPR.

List of GDPR Fines

Source: enforcementtracker.com, provided by CMS Law.Tax

Cledara helps you discover, buy, manage and cancel your SaaS, bringing full transparency to your company’s SaaS stack.


