Picture the scene:
You’re a conscientious employer. You diligently follow data protection laws. One day, you discover your senior IT auditor has been running a slimming drug supply operation from the office mail room, but you let him off with a verbal warning.
GDPR is a new privacy law which governs the collection and use of data relating to all individuals within the EU. It will give people more rights and protection around how their personal data is processed, used and shared between and by organisations. It introduces tougher fines for non-compliance and gives people more say on what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.