General Data Protection Regulation GDPR

What is General Data Protection Regulation GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It becomes enforceable from 25 May 2018, after a two-year transition period.

Unlike a directive, it does not require national governments to pass any enabling legislation and so it is directly binding and applicable.