Should data protection violations be found, there is a risk of substantial financial penalties imposed by the DPA.
The Data Protection Authority (DPA) has published a sectoral inspection plan for 2023.
This year's inspections will cover the following entities:
- Entities that process personal data using mobile applications
- Entities processing personal data using online (web) applications
- Authorities processing personal data in the Schengen Information System and Visa Information System
If data protection violations occur (e.g., unauthorized transfer of data collected by an application to third parties), there is a risk that the DPA will impose high financial penalties of up to EUR 20 million or 4% of the turnover achieved by the affected undertaking in the previous financial year.
In view of the above, it is recommended to analyze the solutions adopted within the application in terms of personal data protection.
How can we help?
KPMG Law:
- conducts analyses (audits) of solutions and documentation (including ones used in mobile applications) in the field of data protection, and, if necessary, assists the Client in making appropriate changes;
- supports Clients in the course of ongoing audits;
- represents Clients in potential proceedings before the DPA and courts;
- prepares analyses and opinions for specific problems related to the application of data protection regulations, including the General Data Protection Regulation 2016/679 (GDPR).
