The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data) is a European Union directive adopted in 1995 which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law.
The General Data Protection Regulation (GDPR) (EU 2016/679) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. It is an important component of EU privacy and human rights law. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The GDPR was adopted in April 2016, superseding the 1995 Data Protection Directive, and will be enforceable starting on 25 May 2018. From this date, all businesses and organisations within the EU should have reviewed data protection procedures and updated privacy policies.