by Hannah Grace Holladay / May 16th, 2023

GDPR is the European Union’s General Data Protection Regulation (GDPR). The law gives data subjects rights over their personal data and establishes obligations for any organization around the world that is processing the data of an EU data subject, making the applicability of the law follow data rather than following a data subject or physical location.

GDPR requires all data controllers and data processors that handle personal data of data subjects to apply appropriate security and organizational measures in order to safeguard the confidentiality, integrity, and availability of processing services. GDPR was enacted in 2016 and became enforceable on May 25, 2018.