The General Data Protection Regulation (GDPR) will become a legal requirement for all organizations in Europe from 25 th May 2018 which collect and process data. One of the major changes detailed in Article 22 of the GDPR includes the rights of an individual not to be subject to automated decisionmaking, which includes profiling, unless explicit consent is given. Individuals who are subject to such decision-making have the right to ask for an explanation on how the decision is reached and organizations must utilize appropriate mathematics and statistical procedures. All data collected, including research projects require a privacy by design approach as well as the data controller to complete a Data Protection Impact Assessment in addition to gaining ethical approval. This paper discusses the impact of the GDPR on research projects which contain elements of computational intelligence undertaken within a University or with an Academic Partner.