Skip to content

General Data Protection Regulations

General Data Protection regulation (GDPR) is a new legal framework formalized in the Europe Union (EU) in 2016. It is expected that all the applicable organizations will be following the GDPR starting from May 2018.

One can easily get a wrong impression about the GDPR by understanding it as an attempt to constrain the processing of personal data belonging to individuals for the commercial purposes. But the reality is:

  • The GDPR is to enhance and accept the fundamental rights of protection of personal data belonging to an individual,also ensure the freedom in processing personal data based on individual’s explicit and positive consent. This will enable customers to engage with business organizations under a well-defined context with an assurance on consumer rights.
  • The GDPR provides business organizations certainty on data processing. Now organizations can make proper judgment on customer data processing without getting into the risk of data protection related lawsuits.

It’s important to understand that the GDPR does not try to restrict or prohibit free movement of personal data “within the EU”. Instead, it strengthens fundamental right to protect personal data and freedom of individuals. The GDPR also provides clear process and safeguard measures to transfer personal data outside the EU.

Source: Gunathunga, S. (2017, September 10). An overview guide to understand the GDPR regulation. Medium. Retrieved from