The GDPR was a refresh of Europe’s data protection laws, replacing the earlier legislation (from 1995) that predated the dotcom boom, social media, smart devices, and the cloud. The declared aims of GDPR were to strengthen citizens’ fundamental rights in the digital age and it introduced substantial changes in the way personal data had to be governed and protected.
A key point, though, is that GDPR established a harmonized data protection framework across the whole of the European Union (EU), giving data subjects in the EU the same data protection rights regardless of where their data is processed

International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the
information technology, telecommunications and consumer technology markets. IDC helps IT professionals, business executives, and
the investment community make fact-based decisions on technology purchases and business strategy