You have to comply with GDPR for a couple of reasons - not only because it's a law! Think of your financial costs in case you have to recover data. And consider your reputation because you are GDPR compliant - your clients really appreciate that they can trust you.
At first - because you need to protect personal data
If you are a data controller or data processor it is your obligation to protect and secure “any information relating to an identified or identifiable natural person” (page 7) GDPR (9).
Second - to prevent high fines for your business
Starting May 25, 2018 there will be high fines if you are non-compliant (up to 4% of the yearly … or 20 Mio €)
Third - to keep your good reputation
Imagine you lose data because of security issues or all your data gets encrypted by ransom ware – you would need to inform people and even go public with the incident – this will cause a lot of rumour and loss of reputation.
Fourth - to limit costs after a data breach
If you lose data through a data breach or an angry employee that left your company, it might be very time and money consuming and to recover the data (if possible at all).
Fifth - to increase customer loyalty
If people can choose between a trustworthy online service with transparent security measures and public data protection regulations and an online service with non-compliance even if it might be more reasonable – this will be a fast decision for most of them. And you can use it as a marketing issue – people love to know that their data is safe and it is not transmitted to third parties.
That’s it! This is why to comply with GDPR!
If you were reading these lines until this point, you were probably interested because your have a business and store, process, copy, … personal data. Start today and be GDPR-compliant.