Scope
Global – All organizations located inside or outside the EU, if they offer goods or services to, or monitor the behavior of, EU residents.
Breach Notification to Authority
Notification of breach to Supervisory Authority must be reported to the relevant regulator within 72 hours upon discovery/confirmation.
Breach Notification to Affected Subjects
Notification to Affected Data Subjects is required where there are high risks identified.
Non-Compliance
Audits, Investigations, Significant Fines (Up to 4% Global Revenue or €20 Million), even a Temporary Ban on Operations.
![]() |
![]() |
![]() |
|
|
|
|
|
|
|
|
|
|
|