
The General Data Protection Regulation (GDPR), the EU's data privacy and security law, entered into force on May 25, 2018. In contrast to its predecessor, the Data Protection Directive (95/46/EC), the GDPR provides for more stringent rules in relation to the processing of personal data. The objective of the GDPR is to harmonize the protection of the fundamental rights and freedoms of natural persons, while ensuring the free flow of personal data.