This paper discusses the EU’s forthcoming General Data Protection Regulation (GDPR) not from a legal perspective but from the point of view of data management. The paper does, of course, cover the legal aspects of GDPR but the emphasis is on information management. For example, what is the impact for analytics, for DevOps, for test data management and archiving? What are the implications for master data management and data governance? Even more basic issues – for example, with respect to database technology and taking back-ups, are also considered. The paper also discusses the use of technologies such as data profiling and data masking to help to meet the requirements of GDPR.