Europe's General Data Protection Regulation, commonly known as GDPR, recently became a very popular concern for most of the companies collecting data over internet. This GDPR is a rule passed by the European Union in the year 2016, setting some new rules on how companies will manage and share personal data. On 25th May 2018, they also introduced some new changes which forced the companies to make changes in their policies. Many rules in GDPR are built on rules set by earlier EU privacy policy like the Privacy Shield and Data Protection Directive, but now the rules are expanded in two crucial ways. First, the GDPR sets a higher bar for obtaining personal data than we have ever seen on the internet before. Therefore, any time a company gathers personal data on an EU citizen, it will need clear and informed consent from that person. Second, the GDPR’s fines are severe enough to get the entire industry’s attention.

Read more at: https://www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice