Glossary

Glossary: GDPR

The General Data Protection Regulation, an EU law governing how personal data is collected, stored, and used.

GDPR (General Data Protection Regulation) is the European Union’s data protection law, governing how companies collect, store, and process the personal data of EU residents. It applies to any company handling EU user data, regardless of where the company is based.

Examples

  • A company operating in the EU maintains a Data Processing Agreement to comply with GDPR.

  • A user requests deletion of their personal data under their GDPR right to erasure.

  • A privacy policy discloses what personal data is collected and why, as required by GDPR.

FAQs

Who does GDPR apply to?

Any organization that processes the personal data of individuals located in the EU, regardless of where the organization itself is based.

How does GDPR affect analytics?

It requires a lawful basis for processing personal data, which is why privacy-first and cookieless approaches to analytics have grown in popularity.

Is a wallet address personal data under GDPR?

It can be, depending on whether it can be linked to an identifiable individual, a question many web3 teams work through with legal counsel.