(also General Data Protection Regulation)
The General Data Protection Regulation (Regulation [EU] 2016/679 or simply the GDPR) is an EU law on data protection within the European Union and the European Economic Area. The GDPR aims to improve online privacy by making data collection more transparent and improving user control over their own data.
As an EU regulation, the GDPR has direct legal effect in the territory that it covers — that is, EU citizens can rely on its provisions even without any local laws implementing it. The GDPR also outlines the requirements for foreign companies dealing with EU citizens or accepting online traffic from the EU.