The new EU regulation on data protection – “GDPR” – shall enter into force on May 25, 2018, being directly applicable within all EU member states, including Romania.
The GDPR applies to any business – whatever the incorporation form – that processes personal data either directly (i.e. as data controller) or
on behalf of other entities (i.e. as data operator).
The GDPR applies even to companies established outside the EU if they monitor the behaviour of or offer goods or services to individuals
within the EU.