Your not-for-profit may have paid little attention to the European Union’s (EU’s) General Data Protection Regulation (GDPR), which took effect May 25, 2018. The GDPR revises standards for privacy rights, information security and compliance in the EU. Yet it might also apply to U.S.-based organizations, such as your not-for-profit.