GDPR means General Data Protection Regulation
The new European Data protection legislation (or, as it is called in the Netherlands, the general regulation on data security, AVG), will be in effect from 2018, which affects all organisations working with sensitive data. The law has been developed because the EU wants to create a clear and secure digital environment. The idea is to protect the citizens against data loss and theft by forcing the organization that processes this data to handle it cautiously. Under this new law it is only under strict conditions possible to collect and store personal information: Anyone who does not adhere to it is punishable. The whole cookie policy is already a small precursor, but by GDPR there will also be explicit permission to be given by subject and message when it comes to email for example. All EU Member States must have implemented the law in May 2018. As an organisation you have to start on time, because not only is there a chance of image damage, also the fine that can run up to 20 million is of course not something you just get over. Https://www.youtube.com/watch?v=yIXQlljj2HQ