“There are six words in the General Data Protection Regulation (GDPR) which has triggered a paradigm shift in how privacy compliance is dealt with by EU organisations. The GDPR mandates that an organisation must practice ‘data protection by design, by default’. What this means is that every organisation must weave privacy-thinking into its DNA. Hence, the paradigm shift has expanded privacy compliance out of the legal office into business operations. This book, although containing some ‘legal-speak’, it is rationed. The book is targeted at non-legal professionals who need to work out how to make this work in practice.”