Does the EU’s GDPR Apply to Your Company?

November 2, 2017

The European Union’s General Data Protection Regulation (GDPR) takes effect May 25, 2018. The GDPR will affect companies all over the world, regardless of whether they are located in the EU. Many U.S.-based companies are surprised to find they must also comply or risk facing large fines. If these regulations apply to your company now, or may in the future, you can’t afford to wait. If your company is affected, are you ready?

So the GDPR applies to your company.
What does this mean?

First, you’ll need to create a compliance program to protect yourself in the event of a data breach or other violations. Penalties for violating the GDPR include fines up to the greater of €20 million or 4 percent of your company’s annual worldwide revenue. For basics about the regulations, check out Dykema’s GDPR Issues Brief.

Attorneys in Dykema’s Data Privacy and Data Security Practice help companies craft compliance programs to protect data against the world’s most dangerous threats. Dykema can help in reviewing your company’s data to determine potential GDPR liability and creating a comprehensive compliance program to mitigate risk.

For information on GDPR or other privacy and data security issues, please contact Cinthia Motley ( or your Dykema relationship attorney.

As part of our service to you, we regularly compile short reports on new and interesting developments and the issues the developments raise. Please recognize that these reports do not constitute legal advice and that we do not attempt to cover all such developments. Rules of certain state supreme courts may consider this advertising and require us to advise you of such designation. Your comments are always welcome. © 2021 Dykema Gossett PLLC.