GDPR (General Data Protection Regulation) governs how organizations collect, store, and process personal data of EU residents. Key requirements: explicit consent, right to access, right to erasure, breach notification within 72 hours, and a designated DPO for large processors. Fines reach 4% of global revenue.
GDPR
European data protection regulation requiring lawful basis for processing personal data of EU residents.