General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) unifies regulations regarding data protection for individuals within the European Union and will be directly applicable from 25 May 2018. Supplementary regulations include the simultaneously amended Austrian Data Protection Act (DSG) and other selective national legislative measures (eg the Research Organization Act).

The GDPR continues many well-known principles and rules from the current data protection law, but increases the requirements for the transparency of processing (information requirements) and generally strengthens the individuals' data rights (eg by stricter requirements for the effectiveness of consent). The GDPR also makes it necessary to improve documentation of data protection measures (accountability). The Data Protection Authority as a competent authority monitors compliance with the regulations.

Additional information