There are costly penalties for companies who are not General Data Protection Regulation (GDPR) compliant since the 25th May 2018.
The financial penalties for non-compliance are up to €20 million or 4 percent of global annual turnover – whichever is higher.
Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU.
And yes, this includes small businesses and the self-employed.
The GDPR audit will identify areas where you are not compliant in your business and the measures you need to take in order to rectify this.