The EU's new General Data Protection Regulation (GDPR) came into force on 25 May 2018. Taking immediate effect in all EU/EEA states, it set new mandatory standards in data protection and security. At a conference, Denis Boivin and Nicolas Duc from BDO presented the issues and implications for Swiss-based companies.