General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)

Status: Applicable since 25 May 2018

EUR-Lex-link: Adopted and published version, including other language versions, can also be found here

Name: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Type: Regulation

Objective:

  • To harmonize data privacy across the EU and to protect the privacy rights of individuals in the EU
  • Covers the processing of personal data by entities operating within the EU and by entities outside the EU if they offer goods or services to individuals in the EU
  • The purpose of the GDPR is to give individuals more control over their personal data and to simplify the regulatory environment for international business by harmonizing the regulation within the EU

Relevant to: Everyone processing personal data or individual who has his/her/their personal data processed

(Last updated 28 October 2025)