Payment and calculation of administrative fines
The amount of administrative fines under Art. 83 GDPR expressed in EUR must be calculated in polish zloty (PLN), in accordance with the average exchange rate determined by the National Bank of Poland (Art. 103 Data Protection Act), and must be paid within 14 days (Art. 105 Data Protection Act).
Units of the public finance sector, research institutes and the National Bank of Poland are subjected to the maximum fine of 100,000 PLN (Art. 102 Data Protection Act).
Data processing, if not permitted, may be fined by imprisonment of up to 2 years or, in case of processing of special categories of personal data, up to 3 years (Art. 107 Data Protection Act).
Hindering the inspections of compliance with data-protection regulations may also incur fines or imprisonment of up to 2 years (Art. 108 Data Protection Act).