What is the GDPR?
Coming into force on the 25th May, 2018, the General Data Protection Regulation (GDPR) represents the most comprehensive change to data security in the last two decades.
The GDPR is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). The regulation also aims to give citizens greater control over their personal data, as well as simplify regulatory reporting for international businesses, standardising reporting within the EU.
While the GDPR is principally an EU regulation, you are liable if you process the data of EU residents, regardless where you (or your business) is in the world. This means that non-European companies will need to comply with regulations and a failure to comply could come with a penalty of up to 4% of your worldwide turnover. Something you most certainly want to avoid.