GDPR stands for General Data Protection Regulation. It is a privacy-related set of regulations in the European Union (EU) which controls how personally identifiable data (PID) is stored, processed and deleted from computing systems. In GDPR the two basic roles in a system which are related to the processing of data are the GDPR controller and GDPR processor. The data controller determines the purposes for which and the means by which personal data is processed. The data processor processes personal data only on behalf of the controller. The data processor is usually a third party external to the company or organization.
GDPR is mostly a compliance, regulatory and legal set of terms and less a technical framework. Implementing GDPR therefore requires coordinated efforts from a diverse team of professionals within an organization, including legal, compliance and IT departments.
