Skip links

Term: General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a European Union regulation on personal data that came into effect in 2018. It is designed to harmonize data privacy laws across its member nations and provide individuals with greater protection and rights.

What is the GDPR?

As an EU regulation, GDPR applies to all EU members. As part of this regulation, important aspects of privacy law are defined, including legal bases for data processing, definitions of “Data Controller” and “Data Processor”, what constitutes a valid consent, and what rights data subjects have. It serves as a global benchmark for other countries

Who does the GDPR applies to?

Essentially, the regulation applies to EU citizens, living individuals, who can be identified from available data either directly or indirectly. Personal data can include something obvious like a person’s name, location, or online username, or it can be something that is less apparent, such as IP addresses and cookie identifiers.

What does GDPR mean for your business?

Organizations that process personal data of EU citizens are subject to GDPR, including companies that offer goods and services or employ people in the EU, regardless of where their headquarters are located.

« Back to Glossary Index