Exposure · policy

5 public companies told the SEC they depend on Gdpr.

If Gdpr is disrupted, these are the companies that said, in their own filings, it could hurt them — a deterministic read, every line cited. Some may be in your portfolio.

Exact Sciences CorporationEXAS
- “Further, we are required to comply with international, national, and provincial personal data protection laws and regulations, including the European Union's (“E.U.”) General Data Protection Regulation (“GDPR”) and Japan's Act on the Protection of Personal Information (“APPI”).”
  lowSEC filing →
Jefferies Financial Group Inc.JEF
- “In Europe and the UK alone, the GDPR imposes significant fines for serious non-compliance of up to the higher of 4% of an organization's annual worldwide turnover or €20 million (or £17.5 million under the UK GDPR).”
  lowSEC filing →
Procore Technologies, Inc.PCOR
- “There are also stringent local data protection requirements in Germany and cloud-server initiatives in France which may impact our operations in these countries.”
  lowSEC filing →
Shift4 Payments, Inc.FOUR
- “There are material sanctions under GDPR for failing to comply, and penalties for certain breaches are up to the greater of EUR 20 million/ GBP 17.5 million or 4% of our global annual turnover.”
  mediumSEC filing →
Twilio IncTWLO
- “For example, under the GDPR, regulators may impose temporary or definitive bans on data transfers or other processing, require deletion, and impose significant fines, potentially ranging up to 4% of our worldwide revenue.”
  mediumSEC filing →