← Todas las herramientas

GDPR Fine Calculator

The General Data Protection Regulation (GDPR) allows supervisory authorities to impose fines of up to €20 million or 4% of annual global turnover, whichever is higher. This calculator estimates your exposure using factors defined in EDPB Guidelines 04/2022 on the calculation of administrative fines.

Estimador de multas GDPR

Multas administrativas del Art. 83, Metodología de las Directrices EDPB 04/2022

Estimates only, not legal advice

Art. 5 GDPR, base de todo tratamiento

Opcional. Si su límite basado en facturación (2–4%) supera el límite fijo, se aplicará este.

¿Cuál es la gravedad de la infracción?

Pulse el icono de informacion en cualquier opcion para ver ejemplos.

¿Cómo ocurrió?

Tipo de datos personales afectados

Duración de la infracción

Número de interesados afectados

Grado de cooperación con la APD

¿Cómo se descubrió la infracción?

Infracciones o advertencias previas

Medidas de mitigación y prevención

Rango orientativo aproximado. Las multas reales dependen de la discrecionalidad de la APD, la legislación nacional y las circunstancias completas del caso. Referencia: GDPR Art. 83, Directrices EDPB 04/2022 sobre multas. No constituye asesoramiento jurídico.

Frequently asked questions

How are GDPR fines calculated?

The EDPB uses a five-step process: identify the gravest infringement, set a starting amount based on tier and seriousness, adjust for aggravating and mitigating factors, apply the legal maximum, and verify proportionality.

What is the difference between Tier 1 and Tier 2?

Tier 1 (Art. 83(4)) covers technical and processor obligations, up to €10M or 2% of turnover. Tier 2 (Art. 83(5)) covers core principles, consent, and data subject rights, up to €20M or 4% of turnover.

Does cooperation with the DPA reduce my fine?

Yes. The EDPB Guidelines list cooperation as an explicit mitigating factor. Self-reporting a breach before the DPA discovers it is the single most significant mitigating action you can take.

Is this calculator accurate?

It uses factors defined in EDPB Guidelines 04/2022 and produces an indicative range. Actual fines depend on full DPA discretion and case circumstances. This is not legal advice.

Which DPA would fine my company?

The lead authority is where your main EU establishment is located (Art. 56 GDPR). For most companies this is where your EU headquarters or main data processing decisions are made.