According to Workplace Privacy Report: Considering that one of the main objectives of the GDPR was to expand the territorial scope, companies based outside the EU should not be surprised to find that they are a particular target of data regulators. The GDPR imposes significant fines for companies that fail to comply. Penalties and fines, calculated based on the company’s global annual turnover of preceding financial year, can reach up to 4% or €20 million (whichever is greater) for non-compliance with the GDPR, and 2% or €10 million (whichever is greater) for less important infringements. So, for example, if a company fails to report a breach to a data regulator within 72 hours, as required under Article 33 of the GDPR, it could pay a fine of the greater of 2% of its global revenue or €10 million.
In others words… Yes.
Do you need help to comply with the GDPR? Please contact me as soon as possible to be scheduled for this required communications compliance.