Speaker 1: The General Data Protection Regulation, or GDPR as you've likely heard it called. It goes into effect on May 25th and it could affect you. No matter where you are or where you live. How? Let's answer some questions. So, what is GDPR? It tightens Europe's already strict laws about what companies can do with people's data. It gives you more control over how your data is collected and used and forces companies to justify everything that they do with it. While GDPR is European Union legislation, it has a huge effect on businesses outside the EU, including the US. Why was GDPR introduced? Because the old laws were written before smartphones started collecting massive amounts of sensitive information for companies like Google and Facebook. GDPR gives organisations guidelines on what they can and can't do with personal data. It also makes them give users more clarity over the kind of data being used and how companies will use it. What is considered personal data under GDPR? Any data that can identify you. It includes your name, phone number or username, but the law also includes things like your IP address or location data. Even tighter rules apply for sensitive information such as sexual orientation, health data and political opinions. How will it affect you? One way is that you will often have to opt-in to letting a company use your data. This means fewer pre-ticked boxes and firms are compelled to use clear and simple language. Do people have the right to be forgotten? Yes, people can request to have their data deleted. Personal data also needs to be transferable via a common file type. However, the right to be forgotten is not absolute and certain conditions apply. Why is GDPR a concern for non-EU countries? Because many businesses collect or use EU residents' data. They also use companies based in the EU for services and processing data. What happens if a firm doesn't comply with GDPR? The penalty could be up to €20m or 4% of annual turnover, whichever is larger.