Fines arising from Europe’s General Data Protection Regulation (GDPR) are getting bigger, more companies are being fined and more Supervisory Authorities in Europe are taking action. Total GDPR fines in 2019 reached a mind-boggling €417.5 million, almost 1,000 times higher than 2018. 750 companies received GDPR-related fines during the year, making the average GDPR fine around €500,000.
In November 2019, Uber was fined €600,000 by the Dutch regulator following a data breach in 2016 that affected more than 50 million users. The increasing number of fines means that it’s only a matter of time before a smaller startup receives a fine. On average, the size of a GDPR fine in 2019 was about equivalent to an average startup’s seed round and so it’s important to take GDPR seriously.
Taking care of customers’ data, ensuring that you’re only collecting the data you reasonably need and only using that data for reasons that you collected are essential steps towards achieving GDPR compliance for startups. The first step to taking care of your customers’ data is knowing where the data is, which means ensuring that you know what SaaS products your team are using. Uncontrolled SaaS subscriptions are a key GDPR risk for startups - if you don’t know what SaaS you’re using, you don’t know if the tools you’re using are GDPR compliant. And if you don’t know if the tools you are using are GDPR compliant, then you’re leaving yourself needlessly open to GDPR fines. Cledara helps you discover, buy, manage and cancel their SaaS, bringing full transparency to your company’s SaaS stack.
Source: enforcementtracker.com, provided by CMS Law.Tax