After more than three years of discussion the EU General Data Protection Regulation or GDPR framework has been finally agreed on. This directive will replace the current 1998 Data Protection Act. As with most major legislative change it will not be enforced immediately and will likely become compulsory at the first half of 2018.
The main intent of the GDPR is to give individuals more control over their personal data, impose stricter rules to companies handling it and make sure companies embrace new technology to process the influx of data produced. Here are the major changes that are mentioned in this new legislation: