Fines based on type of violaiton Cumulative sums of fines per violation type across the EU The graph below depicts the cumulative sums of GDPR fines for each type of violation across the EU. Each bar represents a different violation type, providing a clear comparison of the financial impact associated with each type of GDPR violation. Non-compliance with general data processing principles - 1,674,711,359 EUR Insufficient legal basis for data processing - 431,613,697 EUR Insufficient technical and organisational measures to ensure information security - 379,851,319 EUR Insufficient fulfilment of information obligations - 237,251,580 EUR Insufficient fulfilment of data subjects’ rights - 51,889,270 EUR Unknown - 9,250,000 EUR Insufficient fulfilment of data breach notification obligations - 1,778,582 EUR Insufficient data processing agreement - 1,057,110 EUR Insufficient involvement of data protection officer - 919,300 EUR Insufficient cooperation with supervisory authority - 840,529 EUR 10