With 25th May getting uncomfortably close, it’s time to revisit the subject of a previous article: the General Data Purpose Regulation (GDPR) that comes into force on that day, and will have a profound impact on any organisation that processes personal data. On the face of it, it might seem to be very large multinationals that have the most to worry about: they hold many millions of personal data records, share a lot of them with partner organisations, regularly transfer them