General Data Protection Regulation is an EU-wide regulation regarding the protection of PII (Personally Identifiable Information). This regulation provides protections for personal data that is collected and used by organisations who operate within the EU or provide services/good to customers/businesses in the EU. The Regulation focusses on the following 7 principles:

· Lawfulness, fairness and transparency

· Purpose limitation

· Data minimisation

· Accuracy

· Storage limitation

· Integrity and confidentiality

· Accountability

When discussing personal data it is important to understand what information is included. Personal data can be defined as data that can be used to directly or indirectly identify an individual. This may include but is not limited to the following:

· Name

· Address

· Photo

· IP address

· Biometrics

· Phone number

· Licence plate

‍