According to Article 25 of the Regulation, it is necessary to comply with the principles of Privacy by Design (designed privacy).
Effective PR strategy.
Companies like Apple, Mozilla, DuckDuckGo, Ecosia, Telegram, Bumble, Corona-App (DE), Signal, NextCloud have already succeeded in this. And it really works, because everyone even turns a blind eye to their imperfection in terms of security and advanced technologies.
Trust and respect for the product.
Compliance with principles is not due to laws, but due to opportunity. After all, only a company can prevent an imbalance, where the person who uses the product has much less power over his personal information than the business.
A winning model.
The GDPR, despite the 30-page guidelines, contains general requirements and advice on what to do, but there is no checklist. Strategic Privacy by Design is a methodology that involves developing a clear plan of action.