What is gdpr
Last updated: April 1, 2026
Key Facts
- GDPR applies to all organizations handling personal data of EU residents, regardless of where the organization is located
- It grants individuals rights including access to their data, correction, deletion (right to be forgotten), and data portability
- Organizations must obtain explicit consent before collecting most types of personal data
- Violations can result in fines up to €20 million or 4% of annual global turnover, whichever is higher
- GDPR came into effect on May 25, 2018, replacing the 1995 Data Protection Directive
Overview
The General Data Protection Regulation (GDPR) is a comprehensive legal framework established by the European Union to protect personal data and privacy rights. It applies not only to organizations operating in the EU but to any organization worldwide that processes data belonging to EU residents. GDPR fundamentally changed how businesses handle personal information by shifting power from organizations to individuals.
Key Principles
GDPR is built on several core principles: lawfulness, fairness, and transparency in data processing; purpose limitation ensuring data is used only for stated purposes; data minimization collecting only necessary information; accuracy keeping data correct and up-to-date; integrity and confidentiality protecting data security; and accountability demonstrating compliance.
Individual Rights
GDPR grants citizens powerful rights over their personal data. The right of access allows individuals to request what data organizations hold about them. The right to be forgotten enables people to request deletion of their data under certain conditions. The right to data portability allows transferring personal data to other services. Additional rights include the right to restrict processing, the right to object to automated decision-making, and the right to notification of data breaches.
Organizational Requirements
Organizations must conduct Data Protection Impact Assessments, appoint Data Protection Officers (in certain cases), implement privacy by design, maintain detailed records of processing activities, and establish clear privacy policies. Data breach notifications must be submitted to authorities within 72 hours when there is risk to individuals.
Global Impact
Although GDPR is EU legislation, its extraterritorial reach means organizations worldwide must comply when handling EU residents' data. This has influenced privacy regulations globally, inspiring similar laws in other countries and raising baseline privacy standards internationally.
Related Questions
What are GDPR fines and penalties?
GDPR violations can result in fines up to €20 million or 4% of annual global revenue (whichever is higher) for the most serious breaches, and up to €10 million or 2% for less severe violations. Smaller infractions may result in warnings or lower fines.
Do small businesses need to comply with GDPR?
Yes, all organizations of any size must comply with GDPR when processing EU residents' data. However, some requirements like appointing a Data Protection Officer may only apply to larger organizations or those processing sensitive data at scale.
What is informed consent under GDPR?
Informed consent requires organizations to clearly explain what data they collect, how it will be used, who will access it, and obtain explicit agreement from individuals before processing. Consent must be freely given, specific, and easy to withdraw.
More What Is in Business
- What Is SEOSEO (Search Engine Optimization) is the practice of improving a website's visibility in organic sear…
- What is gwp in marketingGWP stands for "Gift With Purchase," a direct response marketing tactic where customers receive free…
- What is kv in marketingIn marketing, KV stands for 'Key Value' and represents the core benefits and advantages a product or…
- What is nwc in financeNWC (Net Working Capital) is a financial metric that measures a company's short-term liquidity and o…
- What Is GDPGDP (Gross Domestic Product) is the total monetary value of all finished goods and services produced…
- What Is InflationInflation is the rate at which prices rise over time, reducing the purchasing power of money. When i…
- What is the best measure to truly know how much more wealthy individuals are getting (or not getting)The Gini coefficient and wealth ratio (top 1% vs. bottom 50% wealth share) best measure wealth inequ…
- What is affiliate marketingAffiliate marketing is a performance-based business model where individuals or companies (affiliates…
- What is chuseokChuseok is Korea's major harvest festival celebrated for three days around the autumn equinox. It's …
- What is cx in marketingCX in marketing refers to Customer Experience strategy, where businesses optimize every customer tou…
- What is cx in businessCX (Customer Experience) refers to how customers perceive and feel about all interactions with a bus…
- What is equity in financeEquity in finance represents ownership stake in a company, calculated as total assets minus liabilit…
- What is gdpr complianceGDPR compliance means meeting all requirements of the General Data Protection Regulation through pol…
- What is gdp pppGDP PPP (Purchasing Power Parity) is a measure of a country's economic output adjusted for price lev…
- What is kpi in businessIn business, KPIs are strategic metrics that measure organizational performance against goals across…
- What is kql syntaxKQL (Kusto Query Language) is Microsoft's query language for analyzing data in Azure services like L…
- What is nj sales taxNew Jersey sales tax is a 6.625% state-level consumption tax applied to most tangible personal prope…
- What is qbr in businessQBR stands for Quarterly Business Review, a formal meeting between a company and its clients or stak…
- What is qqq stockQQQ is the ticker symbol for the Invesco QQQ Trust, an exchange-traded fund (ETF) that tracks the Na…
- What is qqqm stockQQQM is not a traditional stock but an exchange-traded fund ticker symbol that provides investment e…
Also in Business
- How To Start a Business
- How Does the Stock Market Work
- Difference Between LLC and Corporation
- Is it safe to invest in bonds
- Is it safe to invest in gold etf
- Is it safe to invest in silver
- Is it safe to invest in digital gold
- Is it safe to invest in silver now
- Is it safe to invest in gold
- How To Write a Resume
- Why isn’t the remaining 80% of global oil production enough
- Does inefficiency fueled by perpetual credit stimulate GDP as much as efficiency
- What causes the lag in prices falling back to normal
- What does it mean for the country if it's currency keeps getting devalued
- Why do european economies struggle everytime there is a bit of international conflict while countries such as Israel or Russia do fine even under active sanctions
More "What Is" Questions
Trending on WhatAnswer
Browse by Topic
Browse by Question Type
Sources
- Wikipedia - General Data Protection Regulation CC-BY-SA-4.0
- GDPR.info - Official GDPR Text and Guidance Public Domain