A new law in the European Union may have application to U.S. businesses. The European Union has taken the position that the protection of personal data is a fundamental right. As such, the European Union, over the years, has adopted regulations concerning the collection, processing, and use of personally identifiable information. The latest iteration, known as the GDPR (General Data Protection Regulations), went into effect on May 25, 2018. One significant change from previous privacy regulations is that processors of personal data outside the European Union now may be subject to the GDPR. Below are answers to frequently asked questions about the GDPR. Each business’ situation will be different depending on its collection and use of personal data.