← Full glossary

GDPR (General Data Protection Regulation)

The EU regulation on the protection of personal data, applicable since 25 May 2018 and supplemented in Denmark by the Data Protection Act. GDPR sets requirements for how companies collect, use, store and delete personal data, and gives data subjects a range of rights. Companies must be able to document their compliance — the accountability principle. Violations can be fined up to EUR 20 million or 4% of global annual turnover.