General Data Protection Regulation
The European Union's (EU) General Data Protection Regulation (GDPR) is a privacy law that went into effect on May 25, 2018. It governs the use of personally identifiable information in the EEA (European Economic Area - the EU and certain other member countries). GDPR imposes legal obligations on entities that control or process personal data collected in the EEA.
In general, GDPR covers recording, storage, internal use, external disclosure, and transfer of personal data in the EEA, from individuals, when that data is identifiable.
For more information, see here.