The General Data Protection Regulation (GDPR) took effect on May 25, 2018. GDPR affects both organizations based in the EU and organizations involved in processing EU citizens' personal data. This regulation standardizes data privacy laws across the European Union (EU), and EU citizens are entitled to exercise their GDPR rights. These rights include:
- Right of Access: Find out what kind of personal information is held about you and get a copy of this information.
- Right of Rectification: Ask for your information to be updated or corrected.
- Right to Data Portability: Receive a copy of the information which you have provided under contract so that you can provide that information to another organization.
- Right to Restrict Use: Ask for your personal information to stop being used in certain cases, including if you believe that the personal information about you is incorrect or the use is unlawful.
- Right to Object: Objecting to use of your information (where a party is processing it on legitimate interest basis) and to have your personal information deleted.
- Right to Erasure: In certain circumstances, you may also have your personal information deleted.