Regulation EU 2016/679 on the protection of natural persons with regard to the processing of personal data (GDPR) entered into force on 25 May 2018 in all Member States of the European Union.

The regulation guarantees everyone the right to the protection of personal data concerning themselves. The processing of personal data must therefore be based on compliance with the principles of lawfulness, fairness, transparency, relevance, minimization, accuracy, limitation of conservation, integrity and confidentiality, accountability; It is also advisable to adopt adequate technical and organizational measures to ensure a level of security appropriate to the risk.

Main European and Italian legal provisions