The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It comes into effect on May 25, 2018.

Personal data plays a huge part in society and the economy. It is essential that people have—and know they have—control and clarity over how their data is used and protected by any organization they interact with, and that organizations are given clear guidelines to protect their personal data.

One of the aims of the GDPR is to harmonize and bring data privacy laws across Europe up to speed with the rapid technological change in the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.