# What is GDPR ?

## Introduction to Privacy

**Privacy** — or personal data protection — refers to the set of rules, principles and practices designed to guarantee respect for private life and individual control over personal data. It is now at the heart of digital transformation, the development of artificial intelligence and responsible data governance.

***

### 🇪🇺 The European framework: from the GDPR to the AI Act

The **General Data Protection Regulation (GDPR)**, applicable since **25 May 2018**, is the cornerstone of data protection within the European Union. It governs the processing of personal data of European residents by all companies and public bodies, **including those located outside the EU**.

> 🔗 [Official GDPR text on EUR-Lex](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679)

The GDPR introduced:

* A logic of **proactive accountability**;
* The obligation to **document compliance**;
* **Strengthened rights** for individuals (access, rectification, erasure, portability);
* **Dissuasive sanctions** of up to €20 million or 4% of global annual turnover.

Its purpose is twofold:

1. **Return control** of personal data to European citizens;
2. **Harmonise** protection rules to facilitate economic exchanges in the single market.

***

### ⚖️ An integrated approach to data governance

Since 2018, the European framework has expanded into a **comprehensive data regulation ecosystem**:

| Text                             | Main objective                                                      | Entry into force |
| -------------------------------- | ------------------------------------------------------------------- | ---------------- |
| **GDPR**                         | Personal data protection                                            | 2018             |
| **Data Governance Act (DGA)**    | Facilitate secure sharing of public and private data                | 2022             |
| **Data Act**                     | Guarantee portability and fair access to industrial data            | 2025             |
| **AI Act**                       | Regulate the development, deployment and use of AI systems          | 2026             |
| **NIS 2 / Cyber Resilience Act** | Strengthen the security of information systems and digital products | 2024–2025        |

***

### 🤖 The AI Act: governing artificial intelligence

Adopted in 2024, the **EU Artificial Intelligence Act (AI Act)** establishes the first comprehensive legal framework for AI. It requires organisations to \*\*do


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.dastra.eu/en/useful-reminders/introduction-to-privacy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.