The General Data Protection Regulation(GDPR) is a regulation of the European Union. It entered into force on May 25, 2018 and deals with the protection of personal data by companies.
The GDPR Regulation contains the guidelines for companies to make data protection more transparent for the storage and use of personal data. Data subjects are given more insight into the data they store and more rights when it comes to deletion. For example, companies that use personal data for their business activities must obtain consent for data storage, and the transfer to third-party companies, data processing and the use of personal data are also subject to strict legal requirements. Companies, above a certain number of employees must appoint a data protection officer. The legal requirements apply to all EU citizens, regardless of the company's location. They apply equally to large companies, medium-sized and small companies, associations, public authorities and clubs.
The GDPR has significant benefits for people who use social networks and social services. Companies are obliged to provide information about the type, scope and details of the personal data stored, which can be deleted at any time upon request. In the event of non- compliance with the General Data Protection Regulation, penalties of up to 20 million euros can be imposed.