B2C clients and the contacts of B2B clients have data protection rights.
They can assert their rights by filing a claim with their data protection supervisory authority, or by legal action within the framework of a possible class action.
The GDPR requires organisations to act responsibly early on, by making their processing of personal data transparent and ensuring its legitimacy and security. By complying with these obligations in an effective manner, organisations can prove to their clients that they are trustworthy.
For companies which process personal data on behalf of their clients as processors, providing guarantees of GDPR compliance is all the more important as their clients are legally obliged to only engage processors who provide these guarantees.