The general data protection regulation applies in all Member States from 25 May 2018
The general data protection regulation (GDPR) is applicable from 25 May 2018, 2 years after the EU agreed to a major reform of its data protection framework.
The regulation replaces the 20-year-old Directive 95/46/EC. By setting a global data protection standard, it will strengthen the EU internal market, benefiting both citizens and businesses.
The GDPR is going to give EU citizens more control over their own personal data, improving their security both online and offline.
Furthermore, the new right to data portability (allowing individuals to move their personal data from one service provider to another) will favour start-ups and smaller companies, which could attract more consumers with privacy-friendly solutions.
List of documents
- Communication from the Commission to the European Parliament and the Council ─ Stronger protection, new opportunities ─ Commission guidance on the direct application of the general data protection regulation as of 25 May 2018 (COM(2018) 43 final)
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
- Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data
Summaries of EU Legislation
- Protection of personal data (from 2018)
- Protecting personal data when being used by police and criminal justice authorities (from 2018)
- European Commission ─ Press release
- ‘Questions and answers ─ General data protection regulation’ ─ Press release
- Online tool
- Guidance on upcoming new data protection rules across the EU