The General Data Protection Regulation (GDPR), aka Regulation 2016/679/EU, is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU). It applies to organizations:
The GDPR has extra-territorial effect, so even companies not in the EU but who do business with people or firms in the EU are effected.
It comes in to force on the 25th May 2018
Regulation 2016/679/EU (aka "The General Data Protection Regulation", aka "GDPR") was published in the Official Journal of the EU on the 4th May 2016 and will be in effect from the 25th May 2018.
The GDPR is a significant evolution in EU Data Privacy law and practice and presents significant opportunties and challenges for organisations processing data about residents of the European Union, regardless of where those organisations are based.
The entering into effect of the GDPR is only one of a number of significant changes to EU data privacy laws and governance which organisations may need to consider.
|Letter of Ms Falque-Pierrotin (ART29 WP) to CISPE||February 23, 2018|
|Press Release - Plenary Meeting February 2018||February 21, 2018|
|[Open] Guidelines on the accreditation of certification bodies||February 16, 2018|
|[Open] Guidelines on the accreditation of certification bodies||February 13, 2018|
|[Open] Guidelines on Article 49 of Regulation 2016/679||February 12, 2018|
|Letter of the Chair of the ART 29 WP to FATCA||February 12, 2018|
|APPA-WP29 GDPR factsheet||February 12, 2018|
|Letter of the Chair of the ART 29 WP to IATA and ECTAA||February 9, 2018|
|Working Document on Binding Corporate Rules for Processors (wp257)||February 9, 2018|
|Working Document on Binding Corporate Rules for Controllers (wp256)||February 9, 2018|