gdpr
GDPR
The EU privacy regulation for processing personal data.
Definition
GDPR requires lawful basis, data minimisation, information security, data subject rights and documented internal control.
Why it matters
Breaches can trigger large fines, but the practical risk often lies in weak visibility over data, roles and suppliers.