The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens. This means, that all organisations, companies, site owners and involved parties ‘handling’ personal data of European citizens or residents of the European Union (EU) have to comply with GDPR.
GDPR = General Data Protection Regulation.
It is a European regulation (2016/679) meant to give consumers more control over their personal data. It becomes enforceable by May 25th, 2018.