The President of the Polish Personal Data Protection Office (PUODO) has issued eight decisions imposing administrative fines so far. The fine amounts vary from 460,00 EUR to 660.000,00 euro. Seven of the decisions concern private sector and one is addressed to the mayor of a small town (public sector). This paper analyses which of the mitigating and aggravating factors set forth in Article 83 of the GDPR are most commonly taken into account by the Polish supervisory authority when determining the severity of fines. The purpose of the paper is also to determine whether the attitude of the data controller during the inspection can have any impact on the imposition and the amount of a fine.
We look forward to welcoming you on July 3-5, 2023 for our Annual Conference entitled "Islands and Ocean: Public Law in a Plural World." The conference will take place at the Victoria University of Wellington, in New Zealand. We will be announcing more details about the conference soon, including financial support to early career and global south scholars!