A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?


A. GDPR
B. ISO
C. NIST
D. PCI DSS