The General Data Protection Regulation (GDPR) is an EU law that goes into effect on May 25, 2018 and has significant penalties for non-compliance. It applies to any organization that handles data of EU citizens and gives citizens more control over their personal data and how it is used. ForgeRock's Identity Platform can help organizations address GDPR requirements by providing tools for consent management, data protection, individual rights to access/rectification/erasure of personal data. Proper implementation of these tools is important for organizations to avoid penalties and make privacy a competitive advantage.