GDPR
E84602
The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
All labels observed (7)
| Label | Occurrences |
|---|---|
| General Data Protection Regulation | 8 |
| GDPR canonical | 7 |
| EU General Data Protection Regulation | 4 |
| Regulation (EU) 2016/679 | 4 |
| UK General Data Protection Regulation | 4 |
| EU data protection law | 2 |
| UK GDPR | 2 |
How this entity was disambiguated
This entity first appeared as the object of triple T712931 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: GDPR Context triple: [Google Ad Manager, supportsPrivacyFramework, GDPR]
-
A.
European Data Protection Supervisor
The European Data Protection Supervisor is the independent EU authority responsible for overseeing the protection of personal data and privacy within European Union institutions and bodies.
-
B.
Privacy Act of 1974
The Privacy Act of 1974 is a U.S. federal law that governs how federal agencies collect, maintain, use, and disclose individuals’ personal information, granting citizens rights to access and correct records about themselves.
-
C.
Information Commissioner’s Office
The Information Commissioner’s Office is the UK’s independent authority responsible for upholding information rights, including data protection and privacy, and promoting openness by public bodies.
-
D.
Gramm-Leach-Bliley Act of 1999
The Gramm-Leach-Bliley Act of 1999 is a U.S. federal law that overhauled financial regulation by repealing key parts of Glass-Steagall, allowing the consolidation of commercial banking, investment banking, and insurance services while imposing new consumer privacy and data protection requirements.
-
E.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: GDPR Target entity description: The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
-
A.
European Data Protection Supervisor
The European Data Protection Supervisor is the independent EU authority responsible for overseeing the protection of personal data and privacy within European Union institutions and bodies.
-
B.
Privacy Act of 1974
The Privacy Act of 1974 is a U.S. federal law that governs how federal agencies collect, maintain, use, and disclose individuals’ personal information, granting citizens rights to access and correct records about themselves.
-
C.
Information Commissioner’s Office
The Information Commissioner’s Office is the UK’s independent authority responsible for upholding information rights, including data protection and privacy, and promoting openness by public bodies.
-
D.
Gramm-Leach-Bliley Act of 1999
The Gramm-Leach-Bliley Act of 1999 is a U.S. federal law that overhauled financial regulation by repealing key parts of Glass-Steagall, allowing the consolidation of commercial banking, investment banking, and insurance services while imposing new consumer privacy and data protection requirements.
-
E.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
- F. None of above. chosen
Statements (67)
| Predicate | Object |
|---|---|
| instanceOf |
European Union regulation
ⓘ
data protection law ⓘ |
| adoptedBy |
Council of the European Union
ⓘ
European Parliament ⓘ |
| adoptionDate | 2016-04-27 ⓘ |
| allows | administrative fines up to 20 million EUR or 4% of global annual turnover ⓘ |
| appliesTo |
controllers of personal data
ⓘ
organizations monitoring behavior of individuals in the EU ⓘ organizations offering goods or services to individuals in the EU ⓘ processors of personal data ⓘ |
| containsChapter |
Chapter I: General provisions
ⓘ
Chapter II: Principles ⓘ Chapter III: Rights of the data subject ⓘ Chapter IV: Controller and processor ⓘ Chapter IX: Provisions relating to specific processing situations ⓘ Chapter V: Transfers of personal data to third countries or international organisations ⓘ Chapter VI: Independent supervisory authorities ⓘ Chapter VII: Cooperation and consistency ⓘ Chapter VIII: Remedies, liability and penalties ⓘ Chapter X: Delegated acts and implementing acts ⓘ Chapter XI: Final provisions ⓘ |
| definesTerm |
consent
ⓘ
data controller ⓘ data processor ⓘ data subject ⓘ personal data ⓘ profiling ⓘ pseudonymisation ⓘ |
| effectiveDate | 2018-05-25 ⓘ |
| enforcedBy |
European Data Protection Board
ⓘ
national data protection authorities ⓘ |
| establishesPrinciple |
accountability
ⓘ
accuracy ⓘ data minimisation ⓘ integrity and confidentiality ⓘ lawfulness, fairness and transparency ⓘ purpose limitation ⓘ storage limitation ⓘ |
| fullName |
GDPR
self-linksurface differs
ⓘ
surface form:
General Data Protection Regulation
|
| grantsRight |
right of access
ⓘ
right to data portability ⓘ right to erasure ⓘ right to object ⓘ right to rectification ⓘ right to restriction of processing ⓘ rights related to automated decision-making and profiling ⓘ |
| hasArticlesCount | 99 ⓘ |
| hasRecitalsCount | 173 ⓘ |
| jurisdiction |
European Economic Area
ⓘ
European Union ⓘ |
| language | all official languages of the European Union ⓘ |
| legalBasisForProcessing |
compliance with a legal obligation
ⓘ
consent ⓘ legitimate interests pursued by the controller or a third party ⓘ performance of a contract ⓘ performance of a task carried out in the public interest ⓘ protection of vital interests ⓘ |
| regulationNumber |
GDPR
self-linksurface differs
ⓘ
surface form:
Regulation (EU) 2016/679
|
| replaced | Data Protection Directive 95/46/EC ⓘ |
| requires |
appointment of a data protection officer in specific circumstances
ⓘ
data breach notification to data subjects in certain cases ⓘ data breach notification to supervisory authority ⓘ data protection by design and by default ⓘ data protection impact assessments ⓘ records of processing activities ⓘ |
| subjectMatter |
free movement of personal data
ⓘ
protection of natural persons with regard to the processing of personal data ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: GDPR Description of subject: The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
Referenced by (31)
Full triples — surface form annotated when it differs from this entity's canonical label.