There are some issues regarding GDPR that I would appreciate your help with.
1. Does every company need to have an Inventory of processing activities?
2. How about a DPO?
3. How does the GDPR apply to companies outside Europe?
4. What is the biggest fine so far?
5. Which would be the best way to present to the management the need to implement GDPR?
6. How much time would it take a small company?