[Back to Guidelines 04/2022 on the calculation of administrative fines under the GDPR] [Back to Flowcharts]

graph TD
    A["Start Fine Calculation"] --> B{"Identify Processing Operations"}
    B --> C{"Multiple Infringements?"}
    
    C -- Yes --> D{"Same/Linked Processing?"}
    C -- No --> E["Calculate Single Fine"]
    
    D -- Yes --> F["Apply Article 83(3) - Cannot Exceed Max for Gravest Infringement"]
    D -- No --> G["Calculate Separate Fines"]
    
    E --> H["Determine Starting Point"]
    F --> H
    G --> H
    
    H --> I{"Assess Seriousness Level"}
    I -- Low --> J["0-10% of Legal Maximum"]
    I -- Medium --> K["10-20% of Legal Maximum"]
    I -- High --> L["20-100% of Legal Maximum"]
    
    J --> M["Adjust for Company Size"]
    K --> M
    L --> M
    
    M --> N["Consider Aggravating/Mitigating Factors"]
    
    N --> O["Check Legal Maximum"]
    
    O --> P["Final Assessment"]
    P --> Q{"Meets Requirements?"}
    Q -- No --> R["Adjust Amount"]
    Q -- Yes --> S["Final Fine Amount"]
    
    %% Add explanatory notes
    style A fill:#2e5e4a,stroke:#333,stroke-width:2px
    style J fill:#2e5e4a
    style K fill:#b66c29
    style L fill:#be474a

This decision tree illustrates the step-by-step process for calculating administrative fines under the GDPR, following the EDPB Guidelines 04/2022. It shows the key decision points from initial assessment through final fine determination, including evaluation of seriousness levels, company size adjustments, and consideration of various factors affecting the final amount.