Read the text of the GDPR directly. It’s surprisingly readable, and there’s several well-organized hypertext versions online.
It’s been several years since I read the GDPR, but my recollection is that companies smaller than 150 people, who don’t process “sensitive” data (sexual orientation, etc.) have lighter requirements. Again, read the GDPR itself for details.
It’s been several years since I read the GDPR, but my recollection is that companies smaller than 150 people, who don’t process “sensitive” data (sexual orientation, etc.) have lighter requirements. Again, read the GDPR itself for details.