The GDPR, or the General Data Protection Regulation, is a new set of regulations put forward by the European Commission. This replaces the previous Data Protection Directive from 1995.
The European Commission wants to give back control of personal data to consumers and also unify data protection regulations across the EU. These new regulations have been enforced since May 2018.
The GDPR will be enforced by the Information Commissioners Office (ICO), who can take action against any company or governmental body that fail to adhere since May 2018. Businesses could face considerably higher fines than the previous directive of up to €23 Million, or 4% of their global annual turnover if they don’t meet the GDPR after the deadline.