The GDPR, which will replace the existing EU directive, must now be formally approved by the EU institutions. This is expected to occur in spring 2016, with its provisions taking effect two years later.
The new requirements will apply to public authorities and private entities, both within and outside the EU, that control and process the personal data of EU residents. As the GDPR is over 200 pages in length, this guide provides a summary of its key provisions, the impact it may have and what you can do now to prepare for its implementation.