Είναι το ερώτημα που φέρεται να απασχολεί αρκετούς από τους κύκλους προστασίας δεδομένων: Τι θα συμβεί στις 26 Μαΐου; Για όσους δεν καταλαβαίνουν την ημερομηνία, να υπενθυμίσουμε ότι ο Γενικός Κανονισμός Προστασίας Δεδομένων (από το General Data Protection Regulation or GDPR for short) is set to come into effect on May 25.
So many people are wondering what will happen after application of the new regulation. Of course, the EU and its member states are said to take data protection very seriously, but to date, we have not seen any dramatic changes in the measures to be taken for the new regulation. 
Some would argue that this is due to the fact that many countries have neglected to give data protection laws to law enforcement authorities and will virtually not have a control mechanism in place.
However, GDPR comes and brings new rights to users, new obligations to share data breaches, and many other business issues that companies will find it hard to tackle.
The data protection authorities (DPA) expect everyone to implement the law quickly, but no one has said what will happen from day one… Will they start handing out fines immediately? Will there be many fines? Will fines be DPA's main tool for enforcing and introducing the GDPR?
Below we will see what you can do from 26 in May if you are not yet ready to fully adopt the new regulation:
First of all, do something to make the effort appear. Even if you are not ready for full adoption of the GDPR, it will not be a problem. Will there be a period of grace? We hope that some authorities will explicitly state that they will not exist. Of course, the necessary curve for learning the new regulation should be taken seriously, but this lies at the discretion of each Authority. However, it is important to start today, not tomorrow.
If an authority invites you and you can prove that you have started the path, it will go a long way.
Secondly, immediately update the Privacy Terms of Service and tell your customers what you do with their data. Also make sure to let them know about their rights as described in GDPR.
Transparency will be a key priority of the application, it will be the key. The exercise of rights will not be possible if there is no transparency.
If you collect data and do something with it that your customers don't know, better stop it, not tomorrow, today, or at least from May 25th. You are legally required to have a data protection officer. Make sure you set a name and post their contact information.
Third, make sure you ask for help. Some of these problems are really hard to solve. If you have a problem, do not pretend there is not. Do not hope you will not notice it. Contact your local DPA and ask that you do not understand. Better to disturb you than to disturb you.
Although not all EU data protection authorities are equally cooperative, the GDPR should be implemented. The given grace period mentioned above may not exist in some countries:
"There are no grace periods," said the Austrian DPA and Andrea Jelinek, "because grace periods were already the previous two years. You had two years to take the necessary steps. "
Surely there will be fines and they will be important. Strict fines will of course be imposed on companies that intentionally insist on violating the law.
There will be warnings, and investigations will be conducted before fines. However, companies that show a willingness to comply and cooperation they will be treated better by the authorities. Initially at least…
____________________
