Skip to main content



(also General Data Protection Regulation)

GDPR definition

The General Data Protection Regulation (Regulation [EU] 2016/679 or simply the GDPR) is an EU law on data protection within the European Union and the European Economic Area. The GDPR aims to improve online privacy by making data collection more transparent and improving user control over their own data.

As an EU regulation, the GDPR has direct legal effect in the territory that it covers — that is, EU citizens can rely on its provisions even without any local laws implementing it. The GDPR also outlines the requirements for foreign companies dealing with EU citizens or accepting online traffic from the EU.

Real GDPR usage examples

  • Privacy policy: Websites must address the GDPR requirements for the processing of user data in their privacy policy and avoid any practice that goes against the regulation.
  • Cookie policy: Websites can’t automatically add cookies to your browser under the GDPR — the user must now be informed about them and choose which ones to accept.
  • Third-party sites: Sites outside the EU must either comply with the provisions of the GDPR or block traffic from EU visitors.