The General Data Protection Regulation (GDPR) is a regulation by which the European Union (EU) intends to strengthen and unify data protection for all individuals within the EU.
GDPR codifies data protection rules for all companies that collect data from EU citizens. It expands individuals’ control over how and when their personal data is collected and used.
This regulation is in effect as of May 25, 2018 and will have an impact on many businesses around the world.
CMA Guide (members only)
CMA Blog & Other Media
- How the GDPR Impacts Marketers - Challenging Common Misconceptions to Understand Europe's New Privacy Law
- GDPR's Impact on Canadian Business - Preparing Yourself for EU's New Privacy Law
CMA Media Release
- CMA Releases Guide to Help Marketers Understand and Interpret the General Data Protection Regulation
Article 29 Working Party: Guidelines on consent
Article 29 Working Party: Guidelines on transparency
Article 29 Working Party: Guidelines on personal data breach notification
Article 29 Working Party: Guidelines on automated individual decision-making and profiling
Article 29 Working Party: Guidelines on the application and setting of administrative fines
Council of the European Union: Draft ePrivacy Regulation (May 2018)