Every day we share our personal data on the internet. In the meantime, almost every business entity is processing data daily on a very large scale. This has now been acknowledged with the General Data Protection Regulation (GDPR) which comes into force as of 25 May 2018. The GDPR will give back to each of us control of our own personal data. To be compliant with the new Regulation all legal entities have to look already now at how they collect personal data and how they further use this personal data within their business operations.