The General Data Protection Regulation (GDPR) is a European Union regulation governing data privacy, which places requirements on individuals and businesses offering services from and to the EU.
The aim of the General Data Protection Regulation (GDPR) is to harmonize the existing patchwork of data privacy laws currently in place across most of Europe, including the 27 member countries of the EU and the 3 additional member countries of the EEA.
The General Data Protection Regulation (GDPR) went into effect on May 25, 2018 and gives individuals in the European Union more transparency, rights, and control around the way their information is used. It also provides rights for data deletion, access, and portability.
Some key principles of the GDPR include:
- Data must be processed lawfully, fairly, and transparently. Individuals should be informed about how their data is being used.
- Data should be collected for specified, explicit, and legitimate purposes.
- Only the data necessary for the specified purpose should be collected.
- Personal data must be accurate and kept up to date.
- Data should be kept in a form that permits identification of data subjects for no longer than necessary.
- Data must be processed in a manner that ensures appropriate security.
- Organizations must be able to demonstrate compliance with the GDPR principles.
Related Information: