The EU recently passed a new set of privacy regulations protecting the rights of individuals and giving them control over the PII held by companies operating in the EU. The General Data Protection Regulation (GDPR) is a new regulation created by the European Parliament. It was adopted on 27 April 2016 and applies from 25 May 2018, with the next two years declared a transitional period for businesses to get ready.