It replaces the 1995 EU Data Protection Directive and aims to harmonize data privacy laws across EU member states. It applies to any company that processes personal data of EU citizens, regardless of where the company is based. The GDPR gives individuals more control over their personal data, including the right to access, correct, and delete it.
