The GDPR is a new set of rules designed to shape and enhance the privacy of data transfers across the EU states. The European Commission first proposed the regulation to the EU privacy and data protection regime in 2012, before it was adopted by the European Parliament and the Council of the European Union on April 27, 2016. The order was implemented as a regulation that applies the processing of data of individuals located in the EU. It also applies to organizations, regardless of location, that are involved with activities related to the offer of goods or services to individuals in the EU, or the monitoring of individuals as far as their behavior takes place within the EU.
Collectively, the set of rules was created to facilitate the free flow of personal data between EU member states within a harmonized framework that upholds and assures privacy and proper management of customer data, regardless of whether the data is in transit or stored..