The Basic Data Protection Regulation of the European Union entered into force on 24 May 2016 and will in future regulate data protection uniformly throughout the EU. National regulations, such as the Austrian Data Protection Act 2000 (DSG 2000), now apply in addition if national interests are not covered by the EU GDPR. With its 99 articles, the regulation is very comprehensive and requires companies to make a number of changes to their own organizational, technical and legal measures. The sanctions for data protection violations have been increased by the regulation from up to € 300,000 up to € 20 million. Managing directors and executive directors stand opposite the society after §§ 43 GmbH, 93 AktG in the personal liability with their private fortune. The deadline for implementation is 25 May 2018; Within this period, the new requirements of every company in the EU have to be implemented..