This is intended to improve how data is protected as well as increasing the accountability of those organizations that suffer data breaches. GDPR is the most comprehensive data privacy regulation to date and allows individuals to have better control over their own data. Because of this, it presents challenges to organizations who process personal data of any EU citizen – regardless of where that organization is headquartered. Any organization that handles or uses personal data from EU citizens is obligated to comply with GDPR, regardless of where they are based. If you don’t you could face heavy fines of up to $24.4 million or 4% of your global turnover.
Read more about GDPR