Jan 18, 2018
GDPR, in a nutshell, is a set of legal regulations focused on the privacy of personal information for EU citizens - no matter where they are. Entities that store and/or process personal information about EU citizens must clearly explain to the citizens what data is being stored and processed, and any parties the data is being shared with. The citizens must opt-in and agree to each instance or reason that their data is being stored and processed. The citizens also must be able to, at any time, request a copy of the data or request that it be deleted.
As “any information relating to an identified or identifiable natural person."
May 25, 2018.
Two primary roles:
An entity that determines the purposes, conditions and means of the processing of personal data
An entity which processes personal data on behalf of the controller
Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
Contract
Legal obligation
Vital interests
Public task
Legitimate interests
This site lays things out at a high level with a 12-step program, if you will.
This http://gdprandyou.ie/ site is a great GDPR primer, and this PDF from Imperva is good as well. I also googled GDPR for dummies and found some good results too :-)