Overview of the new regulations in force since May 25, 2018 …
The GDPR means General Data Protection Regulation. This concerns the collection of personal data of a person.
You have the obligation to request the consent of the person to collect personal data. This consent has no validity limit except for cookies which is set at 13 months.
The idea of this regulation comes from the observation by the European Commission and had to be updated to take into account the technological evolutions.
I recall that personal data is information that identifies a natural person, whether direct or indirect. It can be a photo, a name, an email address, an IP address, a phone number etc … Some of these data can be said sensitive and give rise to discrimination or prejudices.
In the case of a non-compliance of the GDPR, a fine up to 20 million euros or 4% of the annual turnover could be imposed.
In any case, prevention is better than cure!