The General Data Protection Regulation(DSGVO or DS-GVO; French Règlement général sur la protection des données RGPD, English General Data Protection Regulation GDPR) is a European Union regulation that harmonises the rules on the processing of personal data by most data controllers, both private and public, across the EU. This is intended to ensure the protection of personal data within the European Union on the one hand, and also to guarantee the free movement of data within the European Single Market on the other.
The Regulation replaces Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data, which dates from 1995.
Together with the so-called JHA Directive for data protection in the areas of police and justice[1] the GDPR has formed the common data protection framework in the European Union since 25 May 2018.[2] Furthermore, it has also been applicable law in the non-EU states of the European Economic Area (EEA) Iceland, Liechtenstein and Norway since 20 July 2018.[
