[AlexanderHanff]

Absolute nonsense. Any company that was complying with the old Data Protection Directive should have had zero issues upgrading their processes and policies to comply with GDPR there are very few material differences between the two and the previous law existed since 1995 - most of the changes are around accountability (record keeping).

Also cookies literally have nothing to do with GDPR other than the definition of consent - Cookies are governed under and entirely different law which has existed since 2002 (Directive 2002/58/EC).

It bugs me when I see people criticising the law when they actually havent even bothered to research and understand it or even look at the correct law.