GDPR is short for General Data Protection Regulation. It was formally adopted in April 2016, and goes into effect on May 25, 2018. The GDPR is a set of regulations intended to strengthen and unify data protection rules for individuals (referred to as “data subject”) within the European Union (EU) and includes protection for both citizens and residents.
The GDPR is intended to give individuals greater control over their personal data. This includes sensitive information such as medical records and financial data, of course, but also any information that can be used to identify an individual.
The GDPR applies to all companies that do business with (and use personal data from) the EU. That includes a large proportion of enterprise companies headquartered in the US, Canada, China, Japan, and other non-EU countries.
Whether you’re just hearing about the GDPR for the first time or you’re making preparations to comply, our comprehensive guide – GDPR 101: What You Need to Know – will help you on your GDPR journey.
You can view the formal text of the GDPR here, but be forewarned — there are countless chapters, articles, recitals (used to establish context), and over 250 pages of legal jargon. You’ll find our handy GDPR guide much more user-friendly!