GDPR becomes law on May 25th 2018. Therefore compliance to the requirements becomes a legal implication for your business on this date.
Steve wood, the Information Commissioner’s Office Head of International Strategy & Intelligence has quashed any suggestions of a soft start to GDPR. He stated “You will not hear talk of grace periods from people at the ICO. That’s not part of our regulatory strategy.” He explained the ICO intend to focus on risk and will be happy to work with organisations if there are any areas that seem unclear but there will be no grace period.