General Data Protection Regulation (GDPR)


General Data Protection Regulation (GDPR)

Our vision and approach

The General Data Protection Regulation (GDPR) will come into effect on 25 May 2018, changing the European privacy landscape. For organizations, this means a number of changes. We outline some major points from our experience that can help organizations getting the most from these changes.

There are lines you cannot cross. There are rules to the game. But within the lines and following the rules, you are only limited by your own creativity to achieve your goals.Deloitte Privacy Services is dedicated to help organizations navigate privacy risk, staying within the rules of the game, while allowing privacy to be a business enablerand to use personal data to increase customer trust.

Three principles

  1. Proper (meta) data management is essential to comply to the GDPR;
  2. GDPR compliance will also help you build trust with clients and safeguard personal data;
  3. Make GDPR compliance your top priority for the coming months.

Following these principles will greatly help you getting the most value from processing personal data, while minimizing the risk. In this document we explain our viewpoint and how this can help you.

Our Vision & Approach

Sign up for the GDPR email alert

In the upcoming months we will write a range of articles providing you with a more in depth view on the ten most important aspects of the GDPR. Please sign up for the email alert, and receive the latest GDPR articles.

GDPR email alert



Annika Sponselee

Annika Sponselee


Annika Sponselee is Partner at Deloitte Risk Advisory and heads the Privacy Team. This Privacy Team exists of 20 privacy experts, all dedicated to and qualified in their field of expertise (i.e. legal... More

Nicole Vreeman

Nicole Vreeman


I work as a Director in the Privacy Team at Deloitte Cyber Risk Advisory. My focus is on Privacy and the broader Data spectrum, as well as on the ePrivacy Directive and its successor, the upcoming ePr... More