In a short answer, if your firm deals with clients in the European Union, then yes. The General Data Protection Regulation went into effect on May 25, 2018. Companies have been scrambling to make sure they are in compliance with these new requirements, and email inboxes have been flooded with updated Privacy Policies.