As most of you know, the new General Data Protection Regulation (GDPR) comes into forceon May 25, 2018 and will introduce major new laws for data processing in European Union (EU) member countries and anywhere EU personal data is processed. In other words, even if your business is based in the U.S., if you process data of EU citizens you are affected. The laws give many new personal data rights to EU citizens, including the right to withdraw consent, easier access to their data, and the right to know if their data has been compromised by a cyber attack. And that’s just the start.