More and more entrepreneurs see online opportunities... to grow their business. Every week, more than 80 new webshops appear. Like Susan's. She has just started her webshop. Her website, inventory, and logistics are in order. But what about the privacy and personal data of her customers? Because, as an entrepreneur, she needs to comply... with the General Data Protection Regulation. or GDPR. Through her webshop, Susan uses and keeps the data of her first customers. A basis for the business and handy for marketing. But, this personal data... cannot be used in just any situation. There must be a valid reason. An example; for sending invoices and packages... Susan needs financial and address information. This information has a clear purpose... and she is allowed to use it for that purpose. Her customers' date of birth... is not relevant for sending a package, so she is not allowed to ask for that information. Susans' webshop is doing well... and she has collected a lot of customer information. To entice these customers... to make a new purchase, she sends them an email. This is allowed, because the products are similar to what they have recently bought from her. In addition to her customers, Susan also has other contacts. From her social media network, mailbox, or business cards. Susan doubts if she is allowed to add these contacts... to her mailing list. On the website of the Dutch Data Protection Authority... she checks which conditions apply. She must first ask these contacts for their permission, and be able to show that she received that. She also learns that unsubscribing from future emails… must always be possible. Utilise the opportunities of the GDPR... and show that you carefully handle... the privacy and data of your customers. That is how you make a difference.