The General Data Protection Regulation (GDPR) is a new EU-based privacy and data protection law that came into effect on the 25th May, 2018. The law strengthens and unifies existing EU data privacy laws and provides sweeping new protections for individuals within the European Union and the European Economic Area (encompassing some countries, such as Switzerland for example, which aren’t part of the EU).
The GDPR aims primarily to give citizens and residents control over their personal data, and to simplify the regulatory environment for international business by unifying the data protection legislation across the EU.