The General Data Protection Regulation (Regulation 2016/679), also known as the GDPR, significantly increases the responsibilities and obligations for payments businesses in how they collect and process personal data.
The GDPR applies from May 25, 2018 in all EU member states and repealed Directive 95/46/EC.
Due to its nature as a regulation, the text is directly applicable and enforceable in all EU member states without having to be transposed into national law, in contrast to the previous EU Data Protection Law, i.e. Directive 95/46/EC, which needed to be transposed into national law by each member state.
The GDPR further harmonises the various data protection laws among EU member states.