The GDPR – EU General Data Protection Regulation
|Download this file:||GDPR factsheet final - PDF (445 KB)|
The EU General Data Protection Regulation (GDPR) is designed to harmonise data privacy laws across the European Union (EU) and offer enhanced privacy protections for individuals in the EU. The GDPR came into effect on 25 May 2018.
Entities that fall within the scope of Article 3 of the GDPR will attract obligations to protect the personal data of individuals in the EU, in accordance with the GDPR. The extra-territorial reach of the GDPR is arguably the biggest regulatory change for data privacy laws internationally.
The extra-territorial scope of the GDPR is designed to make entities accountable for their data processing activities, regardless of their location, when processing the personal data of individuals in the EU.
The purpose of this document is to provide a comparison between the Information Privacy Principles under the Privacy and Data Protection Act 2014 and the GDPR.