The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a Regulation by which the European Commission intends to strengthen and unify data protection laws for individuals within the European Union (EU). It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back the control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect it will replace the data protection directive (officially Directive 95/46/EC) [2] from 1995. The regulation was adopted on 27 April 2016 and will take effect from 25 May 2018 after a two-year transition period. 

The pages linked to the left provide a range of resource to support schools in considering their position with respect to the legislation.