The GDPR emphasises a lawful, in and transparent manner of processing personal data (information defined as anything which could be used to identify an individual person) and aims at harmonising data protection laws across Europe. This legislation is required due to technological penetration and advances in society; the smartphone is a good example of both of these points. We now have machines which we take everywhere and are capable of being utilised by businesses to profile one’s interests, habits and feelings. All in the pursuit for better marketing applicability.