The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It was adopted on April 14 2016, and after a two-year transition period, becomes enforceable on May 25 2018. Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU.
What types of privacy data does the GDPR protect?
- Basic identity information such as name, address and ID numbers
- Web data such as location, IP address, cookie data and RFID tags
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinions
- Sexual orientation
Kelly LeBlanc’s Europe’s GDPR to Set New Standards in Data Protection and Privacy Law focuses on the GDPR’s over-arching purpose and mission, common misconceptions, and the road to compliance. Recommended. — Joe