Regulation (EU) 2016/6791, the European Union’s new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.
It doesn’t apply to the processing of personal data of deceased persons or of legal entities.
The rules don’t apply to data processed by an individual for purely personal reasons or for activities carried out in one’s home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected.
A complete guide and overview of the new GDPR going into effect in the EU later this month. It’s a very comprehensive set of privacy regulations that virtually all technology – and others – will have to comply with.