General Data Protection Regulation (GDPR)

A European privacy law governing how companies protect EU citizens’ personal data, such as names, emails, locations, IP addresses, or cultural and health details, and requires organizational transparency, lawful data processing, and robust security.

For example, companies must detail their data usage policies, get affirmative consent to collect data, and allow users to access their stored personal information.