The following answers some of the most common questions regarding the interpretation and implementation of the GDPR.

Material scope and legal implications

Does the GDPR apply to all media and all personal data?

The GDPR applies to all personal data that is collected in the EU, regardless of where in the world it is processed. Any database containing personal or sensitive data collected within the EU is in scope, as is any media containing personal or sensitive data. Any organisation that has such data in its systems, regardless of business size or sector, must comply with the GDPR.

Personal data is any information relating to an identifiable ‘natural person’ – a living human – and can include information such as ...

Get EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.