The fine for a GDPR breach is €20 million ($24 million) or 4% of annual global turnover, whichever is higher.
GDPR fines depend on the severity of the data breach, with the penalty for less serious infringements set at €10 million ($12 million) or 2% of annual global turnover.
