Short for General Data Protection Regulation, this EU data protection directive goes into effect on May 25th, 2018 and has been cited as the most important change in data privacy regulation in 20 years. Approved by the EU Parliament on April 14th of 2016, GDPR actually replaces the EU Data Protection Directive of 1980 (throwback) which aimed to protect personal data and the fundamental human right of privacy for citizens of the EU.
GDPR applies to companies which operate in the EU but isn’t limited in scope to such companies. Personal data must be processed responsibly and demonstrate compliance with EU and member state data protection laws. GDPR actually applies to any company handling personal data of EU data subjects, regardless of the location of such company.