The GDPR takes effect on 25th May, 2018. It has been enacted to accomplish two main things:
- Unify the current data protection privacy laws throughout the EU, and
- Enhance the rights of citizens of the EU to protect their personal information
Who does the GDPR apply to any business that does one or both of the following:
- Offers products or services to citizens of the EU
- Collects personal information from citizens of the EU
If you meet either of these criteria, then it doesn’t matter where your business is located. This means that a non-EU business that simply collects email addresses from EU citizens will be required to comply with the GDPR.
For a more detailed look at GDPR: Dummies Guide to GDPR