Since the GDPR went into effect across the EU in 2018, it has provided the minimum baseline that privacy-oriented companies had to consider in their customer-facing applications.