The pixel


An acronym for the General Data Protection Regulation. This is a data protection law that applies to all 28 Member States of the European Union.The aim of the GDPR is to set a high standard for data protection, and to provide one set of data protection rules for the entire EU. The 99 articles of the GDPR set forth several fundamental rights of data protection, including the right to be informed, right of access, right to rectification, right to erasure/to be forgotten, right to restrict processing, right to data portability, right to object and rights in relation to automated decision making and profiling.Those rules set by the GDPR apply to any organization that processes the personal data of EU residents, whether that organization itself is based in the EU or not. The GDPR modernizes the principles from the EU's 1995 Data Protection Directive and applies to personal data of EU citizens from that is processed by what the regulation calls data controller and data processors. Financial penalties for non-compliance reach up to USD $24M, or 4% percent of worldwide annual turnover, whichever is higher.

Related Terms

Opt In

When an individual makes an active indication of choice, such as checking a box indicating willingness to share information with third parties.

Learn More
European Data Protection Board

The primary supervisory authority established by the GDPR. The board consists of the heads of EU member states’ supervisory authorities as well as the European Data Protection Supervisor. The goal of the EDPB is to ensure consistent application of the GDPR by member states.

Learn More