What is GDPR?

General Data Protection Regulation (GDPR) is a European Union (EU) regulation that protects the personal data and privacy of all EU citizens. The law applies to every organization that processes personal data of people who are within the EU. It also applies to organizations outside of the EU if they target their services or products at EU citizens.

The goal of GDPR is to give individuals more control over their data, including the right to access or know how how their personal data is being used by organizations.

Organizations that do not comply with GDPR face fines up to €20 million or 4% of annual global turnover (whichever is greater).