GDPR stands for General Data Protection Regulation (Regulation (EU) 2016/679). It is a European Union data protection regulation designed to strengthen the individual’s (i.e., as a "data subject") fundamental right to privacy and the protection of personal data. It introduces robust requirements for companies doing business in Europe that enhance and harmonize standards for data protection, security, and compliance. The GDPR went into effect on May 25, 2018 and it has become a model for many other countries around the world.
Following Brexit, the GDPR is retained in UK domestic law as the UK GDPR. For more information, see here.