The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU). Following four years of preparation the GDPR was approved by the EU Parliament on the 14th of April 2016. It will come into force on the 25th of May 2018 at which time organisations who do not comply will face significant fines.
The Article 29 Working Party (“WP29“) is the group representing national data protection regulators in the EU. WP29 issued new guidance on a number of key elements of the new General Data Protection Regulation (“GDPR“).
The guidance consists of three individual sets of guidelines and FAQs: