Payments - PCI DSS:
Data & Privacy:
GDPR (Global Data Protection Regulation) is a regulation (EU) 2016/679 of the European Parliament and of The Council of 27 April 2016, that replaces the Data Protection Directive 95/46/EC. It is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU and is based on the Charter of Fundamental Rights and Treaty on the Functioning of the European Union.
It is designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.
GDPR applies to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not. It applies to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU (non-EU businesses), which offer goods or services to EU citizens and the monitoring of behaviour that takes place within the EU