The General Data Protection Regulation (GDPR) is a comprehensive EU data privacy law that governs how organizations collect, process, store, and protect personal data of EU residents.
Authority
European Union (enforced by national DPAs)
Use Case
Applies to any organization processing EU resident data regardless of where the organization is based.