Novo logótipo da Solutional (1)

General Data Protection Regulation

Partilhar isto
" Voltar ao Índice do Glossário

The General Data Protection Regulation (GDPR) is a comprehensive law designed to safeguard personal data within the European Union (EU). Enforced since 2016, it consists of eleven chapters that address various elements, including the principles, rights, and obligations related to data processing. GDPR applies to both data handlers (controllers and processors) and data subjects within the EU, and even extends to organizations outside the EU that process data of EU residents. Under GDPR, personal data refers to any information that can identify an individual. The law grants individuals several rights, including access to their data, rectification, erasure, and restriction of processing. It also mandates businesses to ensure data protection through various measures such as pseudonymisation, impact assessments, and incorporating data protection into their operations. Transferring personal data to third countries is permissible under certain conditions. Non-compliance can lead to substantial fines.

The General Data Protection Regulation (Regulation (EU) 2016/679, abbreviated RGPD) is a European Union regulation on information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law e human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology.

Regulation (EU) 2016/679
European Union regulation
Text with EEA relevance
TitleRegulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive)
Made byEuropean Parliament e Council of the European Union
Journal referenceL119, 4 May 2016, p. 1–88
Date made14 April 2016
Implementation date25 May 2018
Preparative texts
Commission proposalCOM/2012/010 final – 2012/0010 (COD)
Other legislation
ReplacesData Protection Directive
Current legislation

The European Parliament e Council of the European Union adopted the GDPR on 14 April 2016, to become effective on 25 May 2018. As an EU regulation (instead of a directive), GDPR is directly applicable with force of law on its own without the need of transposition. However, it also provides flexibility for individual member states to modify (derogate from) some of its provisions.

The regulation became a model for many other laws around the world, including in Turkey, Mauritius, Chile, Japan, Brazil, South Korea, South Africa, Argentina and Kenya. After leaving the European Union the United Kingdom enacted its "UK GDPR", identical to the GDPR. The Lei da privacidade do consumidor da Califórnia (CCPA), adopted on 28 June 2018, has many similarities with the GDPR.

" Voltar ao Índice do Glossário
Deslocar para o topo