They want you to comply, first and foremost. If you comply, then no fines. If you don't comply, you'll get fined, that's how I understand.
GDPR is a process, it's about pushing companies to good practices through compliance. A lot of it makes sense, for example, making sure your staff understand basic IT security practices, which is no different to health and safety.
GDPR is a process, it's about pushing companies to good practices through compliance. A lot of it makes sense, for example, making sure your staff understand basic IT security practices, which is no different to health and safety.