At Cyber Toa we offer a range of GDPR services including readiness assessments, remediation programmes and ongoing Virtual Data Protection Officer services. Contact us and let us assist you in this change.

What is the GDPR and does it apply to my organisation?


The EU General Data Protection Regulation (GDPR) is one of the largest ever changes in data protection law. It replaces the existing Data Protection Directive and comes into force on 25th May 2018.

The aim of the GDPR is to give Europeans better control over their personal data held by organisations worldwide. The new regulation focuses on keeping organisations more transparent and expanding the privacy rights of individuals. The GDPR also introduces more stringent penalties and fines for organisations who are non-compliant ranging up to 4% of annual global turnover or €20 Million, whichever is the greater.

However, the GDPR does not only apply to organisations within Europe. It also applies to organisations outside of Europe, including those in New Zealand who sell goods or services to EU residents or who monitor the behaviour of EU residents.

New Zealand Trade and Enterprise recently released the following article regarding the GDPR and the implications to New Zealand businesses.

The checklist below provides a list of questions that will provide you with a good indication as to whether the GDPR applies to you or not. If you answer yes to any of the following questions you may need to comply with the GDPR


Disclaimer: This article does not constitute legal advice and is not a substitute for legal advice.


Do you need to know how GDPR ready you are?