The protection of personal data in Europe is a fundamental right as stated by Article 8 of the Charter of Fundamental Rights of the European Union. It has been operationalized by the General Data Protection Regulation(Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive), that is, the GDPR.
The GDPR entered into force on 24 May 2016 and applies since 25 May 2018. It constitutes the essential tool to strengthen individuals’ fundamental rights in the digital age and facilitate business by clarifying rules for companies and public bodies in the digital single market at the EU level.
This part of the Guidelines is aimed at exposing the fundamentals of the GDPR. It comprises five different sections: main principles, main concepts, main actors, data subjects’ rights and main tools and actions.