General Data Protection Regulation (GDPR)


General Data Protection Regulation (GDPR)

Our vision and approach

The General Data Protection Regulation (GDPR) will come into effect on 25 May 2018, changing the European privacy landscape. For organizations, this means a number of changes. We outline some major points from our experience that can help organizations getting the most from these changes.

There are lines you cannot cross. There are rules to the game. But within the lines and following the rules, you are only limited by your own creativity to achieve your goals.Deloitte Privacy Services is dedicated to help organizations navigate privacy risk, staying within the rules of the game, while allowing privacy to be a business enablerand to use personal data to increase customer trust.

Three principles

  1. Proper (meta) data management is essential to comply to the GDPR;
  2. GDPR compliance will also help you build trust with clients and safeguard personal data;
  3. Make GDPR compliance your top priority for the coming months.

Following these principles will greatly help you getting the most value from processing personal data, while minimizing the risk. In this document we explain our viewpoint and how this can help you.

Our Vision & Approach

Sign up for the GDPR email alert

In the upcoming months we will write a range of articles providing you with a more in depth view on the ten most important aspects of the GDPR. Please sign up for the email alert, and receive the latest GDPR articles.

GDPR email alert



Annika Sponselee

Annika Sponselee


Annika is the Data & Privacy Lead of Deloitte NSE with over 17 years of experience in the field of privacy and data protection. She founded and currently leads the Dutch Privacy Team, consisting of ov... More

Nicole Vreeman

Nicole Vreeman


I work as a Director in the Privacy Team at Deloitte Cyber Risk Advisory. My focus is on Privacy and the broader Data spectrum, as well as on the ePrivacy Directive and its successor, the upcoming ePr... More