This isn't an official website of the European Union

General Data Protection Regulation

23.05.2019

On 25 May 2018, the General Data Protection Regulation (GDPR) entered into force. The Regulation updates and modernises the principles enshrined in the former Data Protection Directive of 1995 to guarantee privacy rights.

The regulation is an essential step to strengthen citizens' fundamental rights in the digital age and facilitate business by simplifying rules for companies in the digital single market. A single law will also do away with the current fragmentation and costly administrative burdens. The Regulation focuses on:

  • reinforcing individuals' rights;
  • strengthening the EU internal market;
  • ensuring stronger enforcement of the rules;
  • streamlining international transfers of personal data and;
  • Setting global data protection standards.

The changes will give people more control over their personal data and make it easier to access it. They are designed to make sure that people's personal information is protected – no matter where it is sent, processed or stored – even outside the EU, as may often be the case on the internet.


See also