What is GDPR? The GDPR – General Data Protection Regulation – is a new EU law around data protection and privacy for collection and processing of EU citizens personal information. These new regulations came into effect on May 25th, harmonising data privacy laws across Europe.
The GDPR is being implemented to provide individuals greater protections and rights to their personal data, giving them control over how organisationscollect, store, share and use their personal data. They will also have additional rights in relation to requesting access to personal data organisations hold on them.
In addition to enhancing consumer rights, transparency is a key goal of the GDPR. Organisations must be transparent in how they collect personal data, what they use the personal data for, and who they share it with, which must be clearly communicated in user friendly language at the point the consumer is asked to provide these details.
Heavy fines can be applied to organisations who do not comply with the new regulations.
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
https://gdpr-info.eu