GDPR or General Data Protection Regulations is the new data protection law enacted by the European Union, that came into effect from May 25, 2018 and has replaced the 1995 Data Protection Directive. GDPR applicable to any business involved in data processing related to the offering of goods and services to European Union population or monitoring of online behaviour which includes tracking used for internet-based marketing within the European Union.
This means every business in India that provides such services to the EU population needs to comply with the GDPR and put into place, a GDPR compliance policy on its website. This policy includes all the key information regarding the data collected by the business from its website users. Non-compliance with the GDPR can attract fines of up to 4% of the annual global turnover of the company or €20 million (Rs. 1,60,10,16,283.75) whichever is higher.