The General Data Protection Regulation (GDPR), a unified data protection law, came into force on May 25, 2018, in Europe. It replaced the European Data Protection Directive 95/46/EC.
This law enhances protection of personal data of EU citizens and gives them greater control over their personal data’s use within the EU and abroad. The GDPR is designed to bring together the regulatory environment for companies handling personal data of EU citizens.
All businesses that handle personal data of EU residents are subject to the GDPR. A business can be classified as either a controller or processor of personal data: a controller collects personal data and oversees its management; a processor processes personal data for a controller.
The GDPR expands the definitions of “personal data” to include online identifiers, location data, and electronic metadata that were not covered by previous EU data protection laws. Companies that fail to protect personal data of EU citizens in accordance to GDPR rules could face severe fines.
Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium.