Go to the profile of Detracker
Detracker
The first online privacy and data protection advisory firm in Europe working only with startups to save compliance costs and win more users. www.detracker.eu

PepsiCo and Unilever Fined for Non Compliance with the New Data Protection Rules

New data protection rules are here and they are much stricter than ever. Some companies are feeling the heat already.

The new rules are called the General Data Protection Regulation. They came into force on May 24th, 2016. On June 6th — the German data protection authorities caught a number of multinational companies breaking the rules of international data transfers.

Startup or a multinational corporation — data protection rules apply equally. GDPR fines are proportional to income — 4% of your annual turnover for non-compliance.

The authorities stated that the international companies with German operations failed to ensure the privacy for employee and customer data transferred to the U.S. . Companies that need to transfer personal data to the United States — be it for completing credit card transactions, using cloud services, or moving employee data — are under the risk of being fined by their local data protection authorities if they do not establish the appropriate mechanisms for such operations.

The Problem and Solutions

With the old approved data transfer pact gone and the future of its planned replacement — the EU-U.S. Privacy Shield — in doubt, U.S. companies seeking to lawfully transfer personal data out of the UK and the rest of Europe without risk of a privacy enforcement action have few options. One such is to set up the relevant contract clauses to safeguard a company’s position when dealing with 3rd parties or other companies. Another solution is to vet 3rd parties individually and to prepare for GDPR — which is a must anyway now that the rules are here.

Data protection authority (DPA) of Hamburg fined consumer goods maker Unilever 11,000 euros and fruit juice maker Punica — which is owned by PepsiCo Inc. — 9,000 euros ($10,220). According to Reuters: the regulator said the companies had put in place alternative legal mechanisms for transferring data to the United States following the fine.

If you want to protect your company from a potential loss of 4% of your annual turnover in fines — write to us on solutions@detracker.eu.