Slide background

Guidelines 04/2022 - administrative fines under the GDPR

ID 16694 | | Visite: 383 | Documenti riservati Full PlusPermalink:

Guidelines EDPB 04 2022

Guidelines 04/2022 on the calculation of administrative fines under the GDPR

European Data Protection Board (EDPB) Version 1.0 Adopted on 12 May 2022

The European Data Protection Board (EDPB) has adopted these guidelines to harmonise the methodology supervisory authorities use when calculating of the amount of the fine. These Guidelines complement the previously adopted Guidelines on the application and setting of administrative fines for the purpose of the Regulation 2016/679 (WP253), which focus on the circumstances in which to impose a fine.

The calculation of the amount of the fine is at the discretion of the supervisory authority, subject to the rules provided for in the GDPR.

In that context, the GDPR requires that the amount of the fine shall in each individual case be effective, proportionate and dissuasive (Article 83 GDPR). Moreover, when setting the amount of the fine, supervisory authorities shall give due regard to a list of circumstances that refer to features of the infringement (its seriousness) or of the character of the perpetrator (Article 83 GDPR).

Lastly, the amount of the fine shall not exceed the maximum amounts provided for in Articles 83 and GDPR. The quantification of the amount of the fine is therefore based on a specific evaluation carried out in each case, within the parameters provided for by the GDPR.

Taking the abovementioned into account, the EDPB has devised the following methodology, consisting of five steps, for calculating administrative fines for infringements of the GDPR. Firstly, the processing operations in the case must be identified and the application of Article 83 GDPR needs to be evaluated (Chapter 3).

Second, the starting point for further calculation of the amount of the fine needs to be identified (Chapter 4).

This is done by evaluating the classification of the infringement in the GDPR, evaluating the seriousness of the infringement in light of the circumstances of the case, and evaluating the turnover of the undertaking. The third step is the evaluation of aggravating and mitigating circumstances related to past or present behaviour of the controller/processor and increasing or decreasing the fine accordingly (Chapter 5).

The fourth step is identifying the relevant legal maximums for the different infringements.

Increases applied in previous or next steps cannot exceed this maximum amount (Chapter 6).

Lastly, it needs to be analysed whether the calculated final amount meets the requirements of effectiveness, dissuasiveness and proportionality.

The fine can still be adjusted accordingly (Chapter 7), however without exceeding the relevant legal maximum.

Throughout all abovementioned steps, it must be borne in mind that the calculation of a fine is no mere mathematical exercise. Rather, the circumstances of the specific case are the determining factors leading to the final amount, which can – in all cases – vary between any minimum amount and the legal maximum. These Guidelines and its proposed methodology will remain under constant review of the EDPB.


Fonte: EU


Descrizione Livello Dimensione Downloads
Allegato riservato Guidelines EDPB 04 2022.pdf
Version 1.0 Adopted on 12 May 2022
685 kB 0

Tags: Abbonati Full Plus Privacy

Articoli correlati

Più letti Full Plus

Ultimi archiviati Full Plus

Gen 11, 2023 257

FAQ UNI/PdR 125/2022 Accredia-UNI

in News
FAQ UNI/PdR 125/2022 Accredia-UNI ID 18608 | 11.01.2022 / In allegato Per una chiara ed efficace applicazione della UNI/PdR 125:2022 sul sistema di gestione per la parità di genere, UNI e Accredia hanno elaborato un set di FAQ, in continuo aggiornamento, utile per gli organismi di certificazione e… Leggi tutto
Comunicatro ANAC 30 Novembre 2022 Procedure acquisizione servizi  forniture  lavori e opere in  Certificazione parit  di genere
Gen 11, 2023 315

Comunicato ANAC del 30 novembre 2022

in News
Comunicato ANAC del 30 novembre 2022 / Procedure acquisizione servizi, forniture, lavori e opere e Certificazione parità di genere ID 18603 | 11.01.2023 / In allegato Indicazioni in ordine all’applicazione dell’articolo 46-bis del decreto legislativo 11 aprile 2006 n. 198 recante Codice per le pari… Leggi tutto