The law is a replacement for the 1995 Data Protection Directive, which has until now set the minimum standards for processing data in the EU. Individuals will find themselves with more power to demand companies reveal or delete the personal data they hold.
Our website is run through Wix premium - their GDPR policy is here: https://support.wix.com/en/article/general-data-protection-regulation-gdpr
However GDPR still applies to CrackedCubes Ltd. as data is stored from contact forms. As this data is stored electronically, it needs to be protected.
All data is securely stored. Strong passwords are changed regularly and data no longer needed is deleted. Any data collection process must have authorisation prior to collection. (E.g. a separate op-in box.) For those submitting a query, data held will include: their name, email, Twitter/Discord account, and any comments they put in the application form. If there is a data breach, you will be informed within 72 hours detailing what details might have been stolen. The Information Commissioner's Office will also be informed of the data breach.