The General Data Protection Regulation, (GDPR), is a set of legislations adopted by the EU in May 2018 covering personal data, it’s definition, security requirements and allowed use.
The regulation was brought into practice to protect individual’s privacy as well as unify the way personal data is protected, stored, distributed and used. Personal data is defined in The GDPR as any information that can identify a ‘natural person’, such as their name, email, IP address or physical attributes.
The GDPR applies to any organisation that processes, stores, or transmits personal data relating to EU residents regardless of that organisation’s location. If an organisation breaches the regulation that organisation could be fined between 2% to 4% of their annual global turnover or up €20 million, whichever is the highest value.