General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a law that was adopted by the European Parliament in April 2016 and will become enforceable on May 25, 2018. The regulation applies to the collection, processing and movement of personal data for individuals residing in 32 European States. (28 EU States + 4 other EEA European States). GDPR was written to unify the scattered data privacy laws across its member states. The EU States subscribing to the GDPR include:
The objective of GDPR is to protect all EU residents who are residing in the above States from two things:
1) Intrusions on an individual's privacy, and
2) Protection from data breaches.
The GDPR seeks to accomplish its objective by providing certain rights and freedoms to EU residents in relation to the processing of their personal data.
The GDPR applies to organizations and/or individuals:
located within the subscribing EU States;
located outside of the EU if they offer goods or services to EU residents, or
which monitor the behavior of EU residents,
This pertains to any organization, regardless of its location, that is processing and holding personal data of EU residents,