The General Data Protection Regulation is the most sweeping global change on data privacy in twenty years. The European Commission set up a dedicated GDPR website to address key changes at eugdpr.org, with an enforcement date of May 25th, 2018.
The updated directive was designed to harmonize data privacy laws across Europe (and the world, for that matter, because the biggest change is the extended jurisdiction of GDPR with extra-territorial applicability).
It applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location.