What is the fine for a non-wilful minor breach of GDPR?

The correct answer is a warning, which serves as a preliminary step for non-wilful minor breaches of the General Data Protection Regulation (GDPR). The GDPR recognizes that not all breaches are equally serious, and for minor infractions that are non-intentional, issuing a warning allows organizations to correct their practices without facing severe penalties.

The intent behind this approach is to encourage compliance and allow organizations the opportunity to improve their data protection practices without the fear of heavy fines for small mistakes. This is particularly important in fostering a culture of data protection and accountability, as it motivates organizations to take proactive measures to protect personal data.

In contrast, the other options represent more severe penalties for breaches that are either critical or involve wilful negligence. The maximum financial penalties of €10 million or 4% of annual turnover apply to serious infringements of the GDPR, while the 2% of annual turnover fine is applicable for less severe violations that do not fall under the non-wilful category. A warning serves as an essential tool for regulators to guide organizations towards compliance rather than resorting to immediate financial penalties.