On Thursday, 14 April 2016, the European Parliament approved the EU General Data Protection Regulation (“the Regulation”) after years of discussions. The Regulation will likely come into force towards to beginning of 2018 and updates a legal framework that was well past its sell by date. Member States now have a structure that can be applied uniformly across the European Union. Companies and their data controllers will need to have new procedures in place to deal with the Regulation’s new transparency and individuals’ rights provisions and they may be required to put in place new contracts to appropriately deal with the sharing of data.