The European Union’s new General Data Protection Regulation (GDPR) came into effect in May of this year. While many in North America believe that since they are not located within the European Union the regulation does not apply to their operations, the territorial scope of the GDPR is well and truly global. Many of these companies are unaware that the GDPR is applicable to any organization conducting business within the EU, including those simply collecting data there.