General Data Protection Regulation
The EU General Data Protection Regulation better known as GDPR is a European Union regulation. The regulation “applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location.” The GDPR is meant to protect your personal data, meaning “any information relating to an identifiable person why can be directly or indirectly identified”. GDPR regulates who may access your personal data, by requiring your explicit consent for them to access it; GDPR regulates how they are allowed to handle the personal data, who they are allowed to share the personal data with, and it gives you “the right to be forgotten” meaning that a company handling your personal data will have to erase your data upon your request or once the data is no longer necessary for the further work.
You can read more about the GDPR, what it regulates and whom it protects at https://eugdpr.org/.