Please note that the following article does not constitute legal advice. For information on how the GDPR affects you specifically, consult your legal counsel.
The EU’s General Data Protection Regulation (GDPR), which came into effect on May 25, 2018, is a data protection law designed to strengthen data protections and give more control to EU residents and citizens over their personal data.
All businesses that are based in the EU or process the data of EU residents and citizens are impacted by the GDPR. These businesses are referred to as data controllers and are responsible for ensuring compliance with the GDPR.
If you are a data controller, you should be aware of the following aspects of the GDPR:
The definition of personal data has been expanded to include any data relating to an identified or identifiable living person. This includes IP addresses, names, home addresses, and location data.
Data protection rights
Under the GDPR, individuals who are EU residents or citizens have expanded data protection rights. This includes the rights to access, correction, erasure, and portability.
Under certain circumstances, data controllers are obligated to inform both the supervisory authority in their country and their customers of data breaches.