The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
GDPR started to apply across the European Union from 25 May 2018, and all member nations are expected to have transferred it into their own national law by 6 May 2018.
Following four years of preparation and debate, GDPR was approved by the European Parliament in April 2016 and the official texts and regulation of the directive were published in all of the official languages of the EU in May 2016.
—> this section from the WIKIPEDIA: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation