GDPR stands for the General Data Protection Regulation. It is a comprehensive data protection law that was adopted by the European Union (EU) in 2016 and entered into force in 2018. The GDPR replaced the 1995 EU Data Protection Directive and represented a significant expansion of individual rights and protections in the digital age.
The GDPR establishes some rights for individuals concerning their personal data, including the right to be informed about how their data is being used, the right to access their data, and the right to have their data erased. The GDPR also imposes several obligations on organizations that process personal data, including implementing appropriate technical and organizational measures to protect personal data and notifying individuals and regulators of data breaches.