GDPR stands for the General Data Protection Regulation. It is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The regulation was adopted on April 14, 2016, and became enforceable on May 25, 2018. The GDPR replaced the 1995 EU Data Protection Directive and introduced significant changes in the way organizations must handle personal data, including increased requirements for transparency, consent, and security. The GDPR applies to all organizations that process personal data of EU citizens, regardless of where the organization is located.