The GDPR – General Data Protection Regulation is an EU law on data protection and privacy for all individuals within the European Union and European Economic Area.
The regulation will apply to all the companies processing the user data in the EU regardless of the company location. The main aim of GDPR is to give control to the citizens of EU and residence of EU on their personal data over the internet.
Superseding the Data Protection Directive 95/46/EC, the control contains arrangements and necessities relating to the preparing of by and by identifiable data of information subjects inside the European Union, and applies to all undertakings, paying little respect to area, that is working with the European Economic Area.
It was first approved on 14 Apr ’16. After two years of the development period, it becomes enforced by 25 May ’18. The law changes the standards for organizations that gather, store or process a lot of data on inhabitants of the EU, requiring more transparency about what information they have and who they share it with. Due to the recent Data Scandal on Facebook by Cambridge Analytica, the advocates found an eye-catching example of why internet users might want more control over who can access their data.
The GDPR regulation is not only for just like Facebook. It will apply to all the firms including Healthcare providers, Banks, insurers and other companies who process sensitive data.
Does the GDPR affect a non-EU resident?
Read more about GDPR on their official website.