What are the GDPR requirements?
Last April, the European Parliament adopted the General Data Protection Regulation (GDPR). It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU. Companies that do business in EU countries or process the personal data of EU citizens must be in compliance by May 25, 2018. (For more detail on what the GDPR means to U.S. businesses, see “General Data Protection Regulation (GDPR) requirements, deadlines and facts.”)