GDPR is a new EU-wide privacy and general data protection law. It calls for more privacy in an organisation’s systems. More nuanced data protection agreements. Consumer-friendly and detailed disclosures about an organisation’s privacy and data protection practices. Because of this individuals can be certain that their basic rights with regard to their personal data are protected. Individuals’ rights continue to apply under the GDPR, subject to some clarifying amendments.
GDPR is relevant to any globally operating company. Not just those located in the EU. Under the General Data Protection Regulation organizations may be in scope if the organization is in the EU or the organization is not in the EU.