The General Data Protection Regulation (EU) 2016/679 (GDPR), effective from 25 May 2018, revolutionises the data protection regime and significantly affects how organisations worldwide collect, use, manage, protect, and share personal data that comes into their possession.
As personal data increasingly represents an important new class of economic asset for organisations, GDPR has significantly increased the enforcement powers available to regulators. GDPR fines can reach up to €20 million, or up to 4% of a group’s annual global turnover if higher