Companies complying with GDPR face the challenge of replying to dozens or hundreds of individuals requesting access to their data each month. In this article, we share practical advice from European data protection and privacy officers from Deutsche Telekom, Acxiom and Schneider Electric on how to handle data subject requests. Among other insights, they said they aim for upfront transparency and to fully prepare their staff and to tailor responses to the country. See “The GDPR’s Data Subject Rights and Why They Matter” (Feb. 28, 2018).