Who Does This Affect? All companies that process personal data of data subjects in the EU or that conduct business in the EU, regardless of their home country.
Why Should You Care? GDPR mandates accountability and demonstration of compliance. Large monetary fines of up to €20 million or four percent of global revenues may be imposed on companies for noncompliance.
Who Enforces GDPR Compliance? Data protection authorities in EU Member States. Data subjects also have a right to seek judicial remedies, including damages.