GDPR is the General Data Protection Regulation adopted by the European Union (EU) Parliament. The regulation is designed to protect the data privacy of all EU citizens and to harmonize data privacy laws across member European states.
GDPR is a binding legislative act that must be applied in its entirety across the EU. Furthermore, it clearly extends jurisdiction extra-territorially. The new regulation applies to all companies processing the personal data of data subjects residing in the European Union, regardless of the company’s location.