General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a landmark data privacy law that passed in 2016 and went into force in May 2018. It applies to any country that's based in the EU or markets goods/services to EU citizens.

Creating the framework for modern privacy regulation, the GDPR is one of the strictest privacy laws to date.

The GDPR originated with the European Data Protection Directive (EDPD), which created a security and data privacy baseline for businesses operating in the EU. As each EU member state was allowed to create their own requirements based on EDPD guidelines, Europe’s data protection authority eventually decided the EU needed a stronger, more centralized privacy law.

Complying with the GDPR is now table stakes for operating a business in the EU, so it’s important organizations understand what’s required.

Learn more about GDPR requirements with Transcend’s Complete Guide to the GDPR.

Additional resources * * Guide to the UK General Data Protection Regulation * The Complete Guide to GDPR Data Mapping