Many companies incorrectly believe that the GDPR doesn’t affect organizations outside of the European continent. Nothing could be more incorrect.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect all organizations that handle Europeans' personal data - no matter where it is stored - Ohio, Singapore, or São Paulo.
What is GDPR?
The aims of the regulation are to protect the fundamental rights and freedoms of natural persons and to enshrine their right to protection of their personal data as well as the free movement of these data (see Art. 1 GDPR).