From 25 May 2018, the law on personal data protection under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, commonly referred to as the General Data Protection Regulation (the “GDPR”), applies.

The new law governs the protection of personal data and was adopted in the form of a regulation, which means that the law is directly applicable to all businesses processing personal data within the European Union. All in order to harmonise the protection of fundamental rights and freedoms of natural persons throughout the European Union and thus ensure the free flow of personal data between Member States.