According to statistics from Finland, only 40% of the mid-sized companies have a clue what to do when GDPR hits the fan. And smaller ones even less. So in 6 months' time, there'll be some hassle around this issue. I’m no legal expert in the matter, but I've heard the basic principles on how GDPR will hit the companies. And as there are some serious monetary punishments in play, it seems that at least 40% are interested in staying on the safe side.