General Data Protection Regulation (GDPR)
The GDPR is a data protection and privacy regulation by the EU, effective since May 25, 2018. It applies to EU member states and organizations processing EU citizens' personal data, even if located outside the EU. GDPR covers the following scope: Personal data: Identifiable information about an individual, such as names, email addresses, location data, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions. Data processing: any action, whether automated or manual, performed on data. Examples include collecting, recording, organizing, structuring, storing, using, and erasing data. Data subject: A person whose data is being processed, such as customers or site visitors. Data controller: A person responsible for determining the purposes and methods of processing personal data. Data processor: A third party (email server, cloud) that processes personal data on behalf of a data controller. Key principles of the GDPR include: Lawfulness, fa...