OneTrust Certified Privacy Professional Practice Exam - Practice Test & Questions

Fines under the General Data Protection Regulation (GDPR) are significant and serve as a major incentive for organizations to comply with privacy standards. The regulation stipulates that non-compliance can result in administrative fines of up to 20 million euros or 4% of the global annual turnover of the entity, whichever amount is higher. This regulatory framework aims to enforce adherence to data protection principles and to deter organizations from neglecting their responsibilities regarding personal data.

The other options do reflect serious consequences but do not align with the actual provisions set out by GDPR. Mandatory audits each quarter are not a standardized outcome of non-compliance; penalties are based more on the severity of the violation rather than imposed audit frequency. Similarly, loss of a business license or an inability to process data for a year are not explicit consequences outlined by GDPR, making option B the most relevant and accurate regarding potential penalties for non-compliance with the regulation.