How do I report a website for the GDPR breach?

How do I report a website for the GDPR breach?


  1. lodge a complaint with your national Data Protection Authority (DPA) The authority investigates and informs you of the progress or outcome of your complaint within 3 months;
  2. take legal action against the company or organisation.
  3. take legal action against the DPA.

How do I claim against GDPR?

How to complain and claim compensation

  1. Complain to the company that lost your data. If you’ve suffered distress or financial loss as a result of your data being compromised, the first thing you must do is contact the organisation that you believe is responsible.
  2. Complain to the ICO.
  3. Go to the small claims court.

Where can I complain about GDPR?

If you’re unhappy with their response or if you need any advice you should contact the Information Commissioner’s Office ( ICO ). You can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who’s misused personal data.

Does GDPR apply to US websites?

Yes! The GDPR has extra-territorial scope, which means that websites outside of the EU that process data of people inside the EU are obligated to comply with the GDPR. So, if you have a website in the US and you have visitors from the EU, the GDPR applies to your domain.

Does my site need GDPR?

If your website does not collect any personal data (including IP addresses) and does not use cookies and you do not have contact forms or newsletters, you will not have to do anything to be GDPR compliant. GDPR also requires all personal data to be secured, so data encryption should be considered.

What happens if website is not GDPR compliant?

Site owners that fail to make a website GDPR compliant can face stiff financial penalties. The penalty for noncompliance with GDPR is up to €20 million or 4% of global annual turnover (whichever is greater) so noncompliance really isn’t an option.

What are new GDPR rules?

The General Data Protection Regulation (GDPR), agreed upon by the European Parliament and Council in April 2016, will replace the Data Protection Directive 95/46/ec in Spring 2018 as the primary law regulating how companies protect EU citizens’ personal data. Requiring the consent of subjects for data processing.