GDPR (General Data Protection Regulation)

EU privacy regulation governing personal data processing, rights, and safeguards.

February 18, 2025

GDPR sets rules for collecting and processing personal data of individuals in the EU/EEA. Key concepts: lawful basis, data minimization, purpose limitation, and data subject rights (access, deletion, portability).

Controllers and processors must implement security (e.g., ISO 27001 controls), handle cross-border transfers, and manage breach notifications. Privacy notices, DPAs, and retention schedules are essential artifacts.

#A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Related terms

Keep learning with these nearby definitions.

Acquirer

Bank or payment institution that signs merchants and routes their card transactions into the card networks.

Apple Pay

Mobile wallet by Apple that tokenizes cards for contactless and in-app payments.

Card Fraud

Unauthorized card use or theft of credentials to initiate transactions.

Card Network

Payment network (e.g., Visa/Mastercard) that sets rules and routes card transactions between issuers and acquirers.

GDPR (General Data Protection Regulation)