Data protection is an important subject for all of us and even more so for companies. However, spending enough time, thought and money on this complex matter has always been a challenge. It is even more challenging right now with the new EU General Data Protection Regulation (GDPR) ahead. All companies process personal data, at least the data of their employees. All processing needs to be justified and companies are obliged to have adequate security measures in place. We all know this. However, data protection law is undergoing a huge change these days. You may have heard about the GDPR. But what exactly are the most important changes under this new EU regulation, which will come into effect in May 2018?