The principle scopes of the GDPR are to (i) harmonise data privacy laws of EU Member States; (ii) facilitate the free flow of data in the digital single market; (iii) protect all citizens from data and privacy breaches; (iv) remove bureaucratic inconsistencies that organisations face with respect to data protection laws in different States; (v) provide further transparency and accountability by data controllers and possessors of data. This is becoming increasingly more relevant in a world where technological changes and globalis