General Data Protection Regulation specifies how customers data can be used and protected. The primary objective of the GDPR is to give citizens control of their personal data. Failing to comply with GDPR can cost you 4% of global turnover or €20 million or whichever is greater.