The General Data Protection Regulation (GDPR) is a European Union regulation which came into effect on 25 May 2018.
GDPR applies to all organisations and aims to standardise and strengthen data protection policies. There can be serious financial penalties for any organisation that breaches these laws.
The term ‘data’ refers to any personal information you store. The data you hold belongs to the data subject (the person) and that data subject has the absolute right to say what happens to their information - and seek compensation if it is wrongly used or used without proper explicit consent. GDPR applies to all personal data that you currently hold. These laws apply to all data, not just data collected after May 2018.
