Beanie Bo (talk | contribs)
m Removed common terms category. Added pro-consumer category
m change raw to use wplink template
Line 1: Line 1:
The '''[[wikipedia:General_Data_Protection_Regulation|General Data Protection Regulation]]''' (GDPR) is the European Union's comprehensive data privacy and security law that went into effect on May 25, 2018.<ref>[https://gdpr.eu/what-is-gdpr/ "What is GDPR, the EU’s new data protection law?"] - gdpr.eu - 25 May 2018</ref> The regulation applies to any organization worldwide that processes data related to EU residents, regardless of the organization's location. It represents the world's most stringent approach to data protection, with potential fines for violations reaching up to €20 million or 4% of global revenue, whichever is higher.
The '''{{Wplink|General Data Protection Regulation}}''' (GDPR) is the European Union's comprehensive data privacy and security law that went into effect on May 25, 2018.<ref>[https://gdpr.eu/what-is-gdpr/ "What is GDPR, the EU’s new data protection law?"] - gdpr.eu - 25 May 2018</ref> The regulation applies to any organization worldwide that processes data related to EU residents, regardless of the organization's location. It represents the world's most stringent approach to data protection, with potential fines for violations reaching up to €20 million or 4% of global revenue, whichever is higher.


The regulation mandates several key requirements for organizations processing EU residents' personal data. These include obtaining explicit consent for data collection, ensuring data minimization and purpose limitation, implementing appropriate security measures, and honoring individuals' rights regarding their personal data. Organizations must also maintain detailed documentation of their data processing activities, report data breaches within 72 hours, and in some cases appoint Data Protection Officers. The regulation defines personal data broadly, encompassing everything from basic identifiers like names and email addresses to more complex data like location information, biometric data, and online identifiers.
The regulation mandates several key requirements for organizations processing EU residents' personal data. These include obtaining explicit consent for data collection, ensuring data minimization and purpose limitation, implementing appropriate security measures, and honoring individuals' rights regarding their personal data. Organizations must also maintain detailed documentation of their data processing activities, report data breaches within 72 hours, and in some cases appoint Data Protection Officers. The regulation defines personal data broadly, encompassing everything from basic identifiers like names and email addresses to more complex data like location information, biometric data, and online identifiers.
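Review bot: In the revised lead paragraph, the single <ref> sits on the effective-date sentence only; the "world's most stringent approach" claim and the fine figures (up to €20 million or 4% of global revenue) that follow it carry no citation, and neither does the 72-hour breach-reporting statement in the unchanged second paragraph. Since this edit already touches the lead, consider adding refs for those statements, or rewording "world's most stringent" as an attributed claim. The link change itself matches the edit summary "change raw to use wplink template".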