CHAPTER 4: SIX DATA PROTECTION PRINCIPLES
The Regulation stipulates that infringements of “the basic principles for processing, including conditions for consent” are subject to the highest possible administrative fines – up to €20,000,000 or 4% of global annual turnover, whichever is higher. If any detail can get the attention of the people who need to understand this, it’s likely that potential fines of that scale will do the job.
The GDPR lays down a set of data protection principles to guide how organisations manage personal data. The principles can be seen as an overview of your most important duties in complying with the Regulation, and anyone reading the Regulation should keep them in mind when interpreting other requirements.
The six data ...