What Is The GDPR?
The General Data Protection Act (GDPR) is an EU law on data protection and privacy, which addresses the export of personal data outside of the EU. Enforceable from 25 May 2018, it replaces the 1995 Data Protection Directive and is the most significant piece of European data protection legislation to be introduced in the European Union in 20 years.
The GDPR regulates the processing, collection, storage, transfer and use of personal data and is designed to give citizens and residents back control over their personal data. Under the GDPR, the concept of “personal data” covers any information relating to an identified or identifiable individual (a “data subject”) and places enhanced obligations on organisations in the way they handle and store the personal data they collect.