The General Data Protection Regulation (GDPR) is an EU law on data protection and privacy. It was launched on 25th of May 2018 it in large parts replaces the current privacy framework, and with it comes the biggest change to European privacy laws for over 20 years.
The GDPR applies on all personal data that is handled within the borders of the EU or relates to individuals in EU – no matter where the organization handling the data is located.
The main aim of the GDPR is to unify and simplify the regulatory environment and to strengthen the data protection of individuals in the same way across the EU.
For individuals this means increased control over their personal data, and to businesses active in Europe the GDPR comes with additional requirements on how to handle personal data. Even though some things change, some things will stay the same.