General Data Protection Regulation (GDPR)

GDPR: Your Data, Your Rights

The EU's General Data Protection Regulation safeguards your digital rights and privacy across all member states.

📚 Key Principles 📡 Report Issues

GDPR Foundation

Lawfulness

Data processing must be lawful, transparent, and based on valid legal basis.

Purpose Limitation

Data must not be processed beyond its original intended purpose.

Data Minimisation

Only collect and store the minimum necessary data for a given purpose.

Storage Limitation

Data should not be stored longer than necessary for the defined purpose.

Integrity & Confidentiality

Ensures data is protected against unauthorized access or breach.

Accountability

Organizations must demonstrate compliance through documentation and auditing.

Your Core Rights

Right to Access

You can request access to your personal data.

Right to Rectification

Ask for incorrect data to be corrected.

Right to Erasure

Request deletion of personal data where permissible.

Right to Transparency

You must be informed when organizations collect or use your data.

GDPR Enforcement

• Each EU country has a Data Protection Authority (DPA) responsible for enforcement
• Data Protection Commission reviews complaints about GDPR violations
• Organizations may face fines up to 4% of global turnover
• Right of action empowers consumers to take legal action if needed

Visit DPA Portal

Report a Violation

FAQ

What does GDPR cover?

GDPR protects any data that can identify a living person directly or indirectly (direct identifiers include name, address), including online identifiers like IP addresses or cookies.

Who enforces the rules?

The 27 EU data protection authorities monitor businesses and report enforcement actions to the European Data Protection Board (EDPB).