On May 25, 2018, the European Union General Data Protection Regulation (“GDPR” or “Regulation”) will go into effect. The GDPR is a uniform privacy regulation that imposes extensive requirements on organizations that collect information from individuals residing within the EU. For many organizations, complying with the Regulation will take a substantial amount of work, and require a close examination of longstanding policies and practices. To achieve compliance, many organizations will find themselves in the position of having to modify fundamental aspects of how they collect and use personal information, market their services and design their products. As the May 25, 2018, deadline approaches, it is more important than ever that companies develop a realistic plan, prioritize compliance with the Regulation’s most material terms, and ultimately strive for full compliance.