It’s just over a year since the General Data Protection Regulation – GDPR – came into force. Some companies have taken it in their stride and are meeting their legal obligations but a considerable number are either still lagging behind or are not as compliant as they think they are. GDPR came into effect in May 2018, and in the following eight months, over 95,000 infringement complaints were made to EU national data protection authorities. The Information Commissioner’s Office (ICO) is now exercising its power to impose fines, and they can be huge. Notably, British Airways and the Marriott Hotel …