The risk is not worth it
Fines are in fact high and, despite their value being dependent on a number of different factors – such as the number of individuals affected, the number of incidents and their level of impact – the reputational damages of a fine, for an event planner, will surely be devastating.
Companies may be fined up to 20 M Euros or up to 4% of their annual revenue (whichever is the highest). In addition, they may incur extra fines if they have any individual complaints from those who have seen their data compromised. The managers of the company may also be involved in this type of procedure.
This might mean the loss of additional business to competitors who may have been better prepared for the GDPR.
To whom does it apply?
The fines apply to all parties involved, be they data controllers, as is the case of event organizers, as well as those responsible for data processing (usually technology companies, event management agencies , etc.).
Return to our GDPR index: Are your events ready for the GDPR?
Still have questions about this? Talk to us!