Polish regulators have issued their first GDPR fine, a £187,000 penalty against a firm that took personally identifiable information on over 6 million citizens from the country’s Central Electronic Register and Information on Economic Activity. But it notified only the 90,000 individuals for whom it had email addresses.