GDPR, shorter version of General Data Protection Regulation, is regulation about protection of private data, valid since May 25th this year.
Such regulation is made so person has control over these information and it applies on all companies no matter where are they located and which industry are they in, if they are dealing with European Business Market and EU citizens.