The GDPR is a long complicated legal document that affects every business in a different way. Fundamentally, the rules that companies need to follow are actually pretty simple. The difficulty of achieving compliance varies from industry to industry, if not from company to company. Every business collects data differently and collects different data. The GDPR enforces a set of regulations that ensure the protection of consumer data within some limits. I would say that the only way to properly achieve compliance would be to hire a lawyer to guide you through it, but unfortunately, that’s not helpful advice for everyone. Most small businesses or freelancers can’t afford to hire a lawyer and most lawyers won’t even touch the GDPR because they don’t want to accept responsibility. I don’t accept legal responsibility for your compliance, but morally I want to do my very best to help people in the position that I was in to become compliant and operate within the law.