The GDPR is a legal framework that sets guidelines for the collection and processing of personal informationof individuals within the European Union (EU). The GDPR sets out the principles for the data management and the rights of the individual whilst also imposing fines that can be revenue-based.  The GDPR covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies.  GDPR will come into effect across the EU on 25 May 2018.