The GDPR stands for General Data Protection Regulation was enforced by the European Parliament in April 2016. It details provisions that businesses need to take to protect the privacy and personal data of their customers that are collected by companies when a transaction takes place. When a business adheres to the rules laid out by the law they are GDPR Compliant. 

The privacy data that is protected under the GDPR includes - 

• Identity information (name, address, ID number, etc)
• Location
• IP address
• Cookie data
• RFID tags
• Health and genetic data
• Biometric data
• Racial or ethnic data 
• Political opinions 
• Sexual orientation. 
  

Who Does the GDPR Law Apply to?

1. A company or entity which processes personal data as part of the activities of one of its branches established in the EU, regardless of where the data is processed; or
2. A company established outside the EU and is offering goods or services either paid or for free, or is monitoring the behavior of individuals in the EU.