Article 82 of the GDPR: Right to compensation and liability

Article 82 of the GDPR provides that any person who has suffered material or moral damage as a result of a violation of the regulations has the right to obtain repair from the data controller or processor concerned.

Article 82 of the GDPR explained

This article establishes:

The right to compensation for any person harmed by unlawful processing;
The joint liability of the data controller and the subcontractor, unless proven that they are not the cause of the damage;
The possibility for any person to request full compensation before the competent courts;
A balanced appeal system aimed at effectively protect those affected while taking into account the respective responsibilities.

Why is this article important for your GDPR compliance?

He formalizes it financial and legal risk what does a GDPR violation represent. The slightest flaw can give rise to a legal claim, with economic, media and reputational consequences for the company.

How to comply with Article 82 of the GDPR?

Secure all your processing of personal data, particularly those involving high risks;
Ensure that your subcontractors fully comply with the GDPR (clear contractual clauses, regular audits);
Maintain a processing log, impact analyzes and documentation on security measures;
Provide insurance or a reserve fund to cover possible compensation.

Examples of application of Article 82 of the GDPR

Customer gets redress after banking data theft due to server misconfiguration;
An employee takes legal action after unauthorized disclosure of sensitive data to third parties;
An e-commerce platform compensates several users following an exploited security breach.