The EU's General Data Protection Regulation (GDPR) is new privacy regulations that are going into place officially on May 25th, 2018.

According to the GDPR's official website these new regulations were designed to "harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy".

And like most government created laws and legislation the GDPR is a huge topic and unfortunately it's also incredibly complex. The good news is that we've done a ton of the homework for you within this article and you'll have a clear picture of what this all means by the time you finish reading this resource. If you're US based (and not hosting websites) then the changes you'll have to make are minimum. The bad news is that the laws and how to comply are very specific to each type of business so you're going to have to do a little research past this point.

Wondering if this even applies to you? Well, regardless if you're located inside or outside of the EU, if you do any type of business with Europeans that includes the processing of their personal data (including email or IP address), this legislation applies to you.

Please be warned: This guide is an overview and we are really looking at the topic in terms of the least sensitive category of personal data. If you or your clients' business(es) regularly deal with sensitive personal data, then you will need professional advice to be sure you're covered. The potential fines that go with being non-compliant with these new regulations are not something to take lightly.

---

Section 1: Understanding the GDPR and Who it Affects

---

What Sort of Data is Covered by GDPR?

At its simplest level, the goal of GDPR is to make companies and charities responsible for protecting data about individuals who are nationals of any European Union countries or the United Kingdom. The...