The European regulations for the protection of confidential data (the GDPR, the General Data Protection Regulation, also known as AVG) apply to virtually all organisations, large and small. When you employ personnel, if you have a member association, if your customers are consumers or if you offer (electronic) systems in which personal data is processed: in all cases you must comply with the regulations regarding privacy.
At their core, the measures you must take for privacy compliance are no more difficult than the measures you have taken to - for example - comply with tax regulations. The difference is mainly in how self-evident it is to follow said regulations. As an entrepreneur or director, the demands of the tax department had to be taken into account since the founding of your enterprise. These regulations have become a fixed component of your operational management, in which you are probably assisted by a trusted accountant or bookkeeper.
Our plan of action