General Data Protection Regulation (GDPR)

The GDPR is a European privacy law that aims to protect the rights of freedoms of EU citizens, particularly when it comes to the protection of their personal data:

1. This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
2. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
3. The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.

— GDPR Chapter 1, Art. 1

The GDPR entered into force in 2016 after passing European Parliament, and as of May 25, 2018, all organizations are required to be compliant.

Further reading

• Applicability of the GDPR