The fun part is that our national privacy law beforehand wasn’t even that different. The most significant change that the GDPR brought, is that the maximum fine went up from 300,000€ to now 20 million € or 4% of annual turnover.
And yeah, that change made all the difference.
Now it’s a simple business decision to (mostly) comply with the GDPR, because there is a calculable risk+damages, which are higher than the cost for implementing the bare minimum in protections. They’re also definitely higher than the potential revenue, you could pull out of a single customer’s data.
The company I work for also takes it seriously.
The fun part is that our national privacy law beforehand wasn’t even that different. The most significant change that the GDPR brought, is that the maximum fine went up from 300,000€ to now 20 million € or 4% of annual turnover.
And yeah, that change made all the difference.
Now it’s a simple business decision to (mostly) comply with the GDPR, because there is a calculable risk+damages, which are higher than the cost for implementing the bare minimum in protections. They’re also definitely higher than the potential revenue, you could pull out of a single customer’s data.