The General Data Protection Regulation (GDPR) is a data privacy regulation based in the European Union (EU). It applies to all companies who market to, collect information from, or do business with residents and citizens of the EU.

The sweeping legislation is the most comprehensive privacy law to date, and outlines strict guidelines for how businesses should handle consumer data, and disclose their privacy practices to users.


Key Requirements of the GDPR

The six key features of the GDPR that will likely affect your business are the following:

  1. Stronger user rights
  2. Stricter consent requirements
  3. Data Protection Impact Assessments (DPIAs)
  4. Data breach notifications
  5. Privacy by Design (PbD)
  6. Appointing a Data Protection Officer (DPO)


Our What is GDPR? guide explains the key features and requirements of the regulation.