The General Data Protection Regulation (GDPR) entered into force on 25 May 2018 throughout Europe. It is now the framework in which companies can exploit the personal data in their possession, whether that of their employees, their customers or their suppliers.