2025 Year Review
2025 was another successful year for GDPRLocal, as we celebrated five years of dedicated service to our clients. These past 12 months brought remarkable milestones, new and practical tools, and expanded services that reflect our commitment to making compliance accessible, understandable, and achievable for businesses of all sizes.
This review highlights our key achievements, reviews the tools and services that defined our year, and showcases the educational content that has reached thousands of compliance professionals, business leaders, and data protection enthusiasts worldwide.
Celebrating Five Years of GDPRLocal
This year marked a significant milestone: five years since GDPRLocal launched its mission to simplify data protection compliance. Since our inception, we’ve been driven by a singular goal: making GDPR, data protection laws, and now AI regulation understandable and actionable for every organisation, regardless of size or sector.
Over these five years, we’ve grown from a small team of compliance specialists into a trusted resource for many organisations across the UK, USA, Europe and beyond.
More details here.
AI Literacy Policy & EU AI Act Compliance Checker
Why AI Literacy Matters
The adoption of artificial intelligence in the workplace has reached unprecedented levels. Recent data reveals that 94% of US employees are now familiar with generative AI tools, and 99% of C-suite leaders have exposure to these technologies. Yet there’s a significant disconnect between perception and reality: C-suite leaders estimated that only 4% of their employees use generative AI for 30% of their working day. In comparison, actual usage stands at 12%, three times higher than perceived.
This gap between awareness and understanding creates substantial compliance risks. Organisations often lack clear policies governing how employees use AI tools, what data can be shared with external AI platforms, and how to ensure compliance with data protection regulations and emerging AI laws. This is where an AI literacy policy becomes critical, and that’s why we created one for free, for every company.
This template provides organisations with a ready-to-implement framework that can be customised to fit specific industry needs and organisational structures.
Check it out here.
The EU AI Act Compliance Checker
To help organisations understand their obligations under the EU AI Act, we launched the EU AI Act Compliance Checker. This powerful tool helps with one of the world’s most significant AI regulations.
The EU AI Act establishes a risk-based framework for AI systems, categorising them into four tiers: Unacceptable Risk, High Risk, Limited Risk, and Minimal Risk. Each category carries distinct requirements and compliance obligations for organisations deploying or using AI systems. Understanding which category applies to your use cases is essential for regulatory compliance.
The tool evaluates your organisation’s AI systems against the EU AI Act criteria, identifies compliance gaps, suggests remediation steps, and provides a clear roadmap to full compliance. This is particularly timely given the EU AI Act’s enforcement timeline: the majority of provisions take effect on August 2, 2026, with full enforcement by the end of 2027.
Check it out here.
The New Swiss Representative Service
In March 2025, GDPRLocal announced an important expansion of its services: a dedicated Swiss Representative offering. This service reflects the growing importance of Swiss data protection compliance for non-Swiss organisations conducting business activities in Switzerland.
The Federal Data Protection Act (FDPA), Switzerland’s primary data protection legislation, applies to organisations outside Switzerland that process personal data of Swiss residents. Compliance with Swiss data protection laws is mandatory for businesses seeking to serve the Swiss market.
Learn more here.
Knowledge Sharing
GDPRLocal believes that education drives compliance. In 2025, we significantly expanded our educational content across multiple platforms, publishing over 200 blogs addressing the most pressing data protection and AI governance questions organisations face today.
Our content strategy focuses on making regulatory concepts accessible, practical, and relevant to real-world business scenarios. From technical deep-dives into GDPR mechanics to strategic guides on AI governance, our content serves professionals at all levels of the compliance journey.
The Important Voice of our Employees
Beyond formal content creation, the GDPRLocal team of compliance experts regularly shares real-world insights through Q&A posts and compliance tips on LinkedIn. These conversations address specific compliance challenges our audience faces, promoting a dialogue among experts and practitioners working on data protection.
• AI Safety & Compliance Essentials – Q&A with Lejla Kadrieska Buche
• Protecting Personal & Business Data – Q&A with Kristina Grncharovska
• Behind the Role (Customer Success Manager) with Nikola Bundevski
• AI Compliance Tip of the Week with Marin Milenkoski
LinkedIn Newsletter and Content
In addition to our established email newsletter that has provided compliance updates and insights to thousands of subscribers, 2025 saw the launch of a dedicated LinkedIn newsletter, GDPRLocal Insider. This reflects our commitment to meeting our audience where they already engage with professional content.
LinkedIn Carousels
Throughout 2025, we focused on creating interesting, engaging, and helpful carousels covering diverse compliance topics with practical information easy to implement for every compliance professional. Each carousel delivers clear steps that support different compliance efforts. You can check all of them in the list below:
• GDPR Checklist For New Businesses
• GDPR Checklist for Marketers
• What is a Data Subject? (and why it matters more than you think)
• AI Literacy Basics Every Company Needs to Know
• How to Submit a Subject Access Request (SAR)
• How to Get Certified Under UK GDPR (Guide)
• ISO27001 vs SOC 2 (Key Framework Differences)
• GDPRLocal AI Rep Services Overview
• What is a Sub-Processor under GDPR?
• General vs General-Purpose AI (Differences)
• EU AI Act – Guide for Businesses
• What is ROPA (Record of Processing Activities)
• AI Literacy Programme Requirements
• AI Risk Management Frameworks
• Data Incident Guide for Remote Work
• Data Protection Officer Requirements Around the World
• The 4 AI Risk Levels You Need To Know
Looking Forward
As we look toward 2026 and beyond, several trends will shape the compliance landscape: the EU AI Act’s transition to full enforcement, evolving national implementations of data protection requirements, the integration of AI into business processes at accelerating rates, and growing expectations for privacy and data security from customers and regulators alike.
GDPRLocal remains committed to helping organisations navigate these challenges. Whether you’re just beginning your compliance journey, implementing new data protection programs, or adapting to emerging AI regulations, our team, tools, and resources are here to support your success.