The GDPR or the General Data Protection Regulation, enforced by the European Union, contains rules about the protection of natural persons with regards to the processing of their personal data as well as about the free movement of personal data. The basic idea of the GDPR is to regulate the use of data so that you are in control of your data and not a company. This gives a lot more rights to data subjects and creates more security around data processing.
Principles of GDPR
Lawfulness and fairness
Data minimisation and proportionality
Integrity and confidentiality