General Data Protection Regulation (GDPR)
Implemented on 25 May 2018, the GDPR is a regulation within the European Union (EU) and European Economic Area (EEA) pertaining to data protection and privacy.
The GDPR is pertinent to EU privacy law and human rights law. It has outlined 7 principles (Article 5.1-2) that must be adhered to when processing personal data.
These include:
Lawfulness, fairness and transparency,
Purpose limitation,
Data minimisation,
Accuracy,
Storage limitations,
Integrity and confidentiality, and
Accountability.
Although it was passed in Europe, the GDPR applies globally to anyone collecting data on people in the EU.
The Travel Rule requirement demands the collection of personal data, GDPR is a requisite to handle the information.
Click here to read how 21 Travel Rule adheres to the GDPR.