Call Us

Close window

GDPR – Two Months In



    Just a little under two months ago the General Data Protection Regulation (GDPR) act came into affect across Europe. Bringing with it substantial changes in how both organisations and individuals control and manage personal data.

    With two years given to prepare for the GDPR some companies were prepared and ready. However, for the majority of companies it was a last minute scramble to get the house in order and implement new processes and measures. So as not to face the wrath of the Data Protection Commission Ireland’s (DCPI) fines which can amount up to 4% of annual turnover OR €20m fine for an organisation.

    Two months on, with the dust settled we ask what has changed? Do all organisations now have a data protection standard in place for how they control and process data? Has there been any fines? And have those damn privacy policy emails finally stopped?


    A Rise in Complaints:

    The latest report last week stated that the DPC had received more than 1,300 “concerns or complaints” in regards to the GDPR. With businesses logging 60 breaches of people’s personal data with the watchdog so far.

    In the first 5 days of the new act, the Data Protection Commission received around 700 phone calls and over 650 emails to its information service.

    Ten cases so far from national and international organisations fall under the GDPR act and are being investigated by the DPC.


    Multi-national Companies Under Scrutiny:

    While a lot of small to medium businesses put in measures to become GDPR compliant it’s the big multi-nationals like Google and Facebook that have come under tough scrutiny from the media for their new data policies. Rather than changing their data processes to be fully inline with the GDPR, they chose to send out a new privacy policy that forced users to either accept their terms or be blocked from using their services.

    Max Schrems – an Austrian privacy campaigner has already filed four complaints against Facebook, Instagram, Whatsapp and Google. In the complaints he claims that their take-it or leave-it approach to consent is not clear in regards to what they are collecting, why and whether it is necessary to provide the service.


    Have there been any fines yet?

    There have been no fines delivered as of yet under the GDPR act. Since May 25th, companies like Yahoo and Facebook have received warnings or fines but under the old legislation as the data breaches happened before the GDPR act was implemented. The ten complaints currently being investigated may see fines appear though depending on the breach of data or complaint.


    So, is GDPR over?

    Absolutely not. While we may not have seen any fines yet, the GDPR is mostly definitely here to stay. Companies who have started implementing GDPR processes are in a good place but data privacy is an ongoing process that needs to be reviewed and centralised as part of each and every business. At Typetec, our GDPR solution encompasses not only the procedures and policies involved in GDPR compliance but the ongoing management and reporting required from an organisation.

    To find out more or get help with your GDPR compliance contact us now.

    Only getting started? Read our checklist for GDPR compliance.


      Unit G6
      Calmount Business Park
      Ballymount, Dublin 12
      D12 XW25

      Submit the form below to get in touch with us

        Back to blog