Five years ago, on May 25, 2018, the GDPR came into force across the EU. The GDPR established a comprehensive privacy and data protection legal framework, outlining new standards for the responsible and transparent handling of individuals’ personal data. As a result, businesses had to review their data processing policies, inter alia implement stronger security measures and report data breaches promptly. Additionally, the GDPR compelled businesses to adopt transparent privacy policies and clear consent mechanisms. The GDPR also brought forward the concept of “privacy by design,” embedding privacy considerations into the architecture of new systems and processes.

With regard to data subjects, the GDPR granted them several rights, including the right to erasure, the right to be informed about the collection and use of their personal data, the right to access their personal data, and the right to restrict or object to data processing. As a consequence, individuals currently have more control over their personal data and can make informed decisions about their privacy.

Since coming into force, the GDPR has influenced privacy and data protection regulations around the world. It has set a strong precedent for data protection standards, emphasizing the significance of data subjects’ rights in the digital age and prompting a global shift towards more robust legal frameworks in the field.

Finally, the celebration of the GDPR’s 5th anniversary clearly serves as a reminder of the ongoing commitment every business should have when it comes to respecting the privacy rights of the data subjects and effectively safeguarding their personal data.

To honor this day, our Data Protection & Privacy Team experts have developed a resourceful infographic. Here you can find some interesting facts about the GDPR implementation and enforcement on both EU and national levels. You can find it in the link below.