Skip to main content

General Data Protection Regulation (GDPR)

What is GDPR?

The GDPR is a European regulation that governs the protection and free movement of personal data relating to individuals in the EU, and is intended to strengthen individuals’ fundamental rights in the digital age.  The EU regulation facilitates business operations by clarifying rules for companies and public bodies in the digital economy that process personal data. 

Under GDPR, individuals in the EU are granted specific rights with respect to their personal data, including the rights of data portability, access, amendment, erasure, and restriction and objection to processing; and organizations are required to implement a variety of measures to protect personal data.

Questions?

Contact the University Privacy Office

650.725.1828 | privacy@stanford.edu