Entrepreneurs underestimate open flanks when it comes to data protection. Customers and employees in particular receive insights into the company that reveal gaps in data protection. Companies should not feel encouraged when it is reported in the press that the staffing of the supervisory authorities leaves something to be desired and that unreasonable inspections need to be expected in very few cases.
Because even if unprompted checks still take place far too seldom: Many consumers and employees now know very well about their rights and obligations under the GDPR and make use of the practical option of using the online form for complaints. If entrepreneurs do not make efforts to adapt in order to achieve GDPR compliance, a review by the supervisory authorities will have a difficult position. The argument “Nobody knows!” Can therefore be easily refuted. But it would be even better if the data protection officer couldn’t be confronted with it in the first place.