Home / Insight / GDPR


The EU General Data Protection Regulation came into force on 25 May 2018 and introduced some of the most strict data protection laws in the world. The CMS data protection team offers clients legal advice on all aspects of the GDPR and aims to help you understand where to focus your GDPR compliance efforts.

Please select one of the jurisdictions from the list below to find out more about GDPR in your country.

Data Law Navigator
Use the Data Law Navigator for a quick look at data protection laws in...
CMS Breach Assistant app
A head start during the first critical hours of a data breach
GDPR Enforcement Tracker Report 2024
A warm welcome to the fifth edition of the GDPR Enforcement Tracker Report...


CMS Expert Guide: Data Law Navigator
Data provides a whole range of opportunities but also includes new and unique risks for companies, governments and individuals. From sector-specific nuances to local derogations from the EU GDPR, sim­ul­tan­eously...
CMS Expert Guide to the impact of GDPR in non-EU countries
The European Union's General Data Protection Regulation (“GDPR“) is an interesting piece of legislation for several reasons but especially due to its application to businesses not connected to the...
CMS Next
What’s next? In a world of ever-ac­cel­er­at­ing change, staying ahead of the curve and knowing what’s next for your business or sector is essential. At CMS, we see ourselves not only as your legal advisers but also as your business partners. We work together with you to not only resolve current issues but to anticipate future challenges and innovate to meet them. With our latest publication, CMS Next, our experts will regularly offer you insights into and fresh perspectives on a range of issues that businesses have to deal with – from ESG agendas to restructuring after the pandemic or facing the digital transformation. We will also share with you more about the work that we are doing for our clients, helping them innovate, grow and mitigate risk. To be able to provide you with the best support, we immerse ourselves in your world to understand your legal needs and challenges. However, it is equally important that you know who we are and how we can work with you. So, we invite you to meet our experts and catch a glimpse of what is happening inside CMS. Enjoy reading this publication, which we will update regularly with new content. CMS Executive Team
The Changing Face of Cyber Claims
A cyber insurance loss study in Continental Europe
Data protection and security
Expert legal advisers
GDPR 3 years on – The greatest hits (and misses)
More than three years have passed since the GDPR applied and a lot has happened in the world of data protection during that time – fines, class actions, court challenges and more. We give our “playl­ist”...
EDPB approves first EU GDPR Code of Conduct for Cloud Service Providers
Following the submission by the Belgian Data Protection Authority, on May 19 the European Data Protection Board (EDPB) approved the EU Cloud Code of Conduct with subsequent final approval by the Belgian...
New GDPR Code of Conduct approved for Cloud Infrastructure Service Providers
The European Data Protection Board (EDPB) and the French Data Protection Authority (CNIL) approved the CISPE Data Protection Code of Conduct of Cloud Infrastructure Service Providers in Europe (CISPE...
EDPB issues Recommendation on credit card data storage for one-click payments
The European Data Protection Board (EDPB) has adopted a new recommendation on the legal basis for the storage of credit card data by e-commerce merchants for the purpose of one-click payment of further...
European Commission moves ahead with proposed 'Data Act' regulating access...
On 28 May, the European Commission launched an initial consultation on its plans for a ‘Data Act’, which would – if adopted – introduce rules for access to and use of data, both in business-to...
Schrems strikes again: EU-US Privacy Shield invalid; Standard Contractual...
A clash between US national surveillance law and EU data protection standards, which lies at the heart of Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems...
The Changing Face of Cyber Claims
At the invitation of global experts in insurance broking and risk management, Marsh, and IT consultants, Wavestone, CMS has contributed to The Changing Face of Cyber Claims study which looks at practical...