The GDPR is the General Data Protection Regulation and as the home page of the EU GDPR site says:
After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. It will enter in force 20 days after its publication in the EU Official Journal and will be directly application in all members states two years after this date. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance will face heavy fines.
This regulation, or set or regulations, governs data security and the privacy of individuals. As the EU GDPR home page also says:
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found throughout this site.
The details of the GDPR are lengthy and complex, and you can read a summary of the main points on the Wikipedia General Data Protection Regulation page.
Regarding CiviHosting and our compliance with these laws, we are GDPR compliant. However, please note that our liability is only to the extent of the private information of our own customers. We do not and cannot act as the “data controller” for any data stored, processed or transmitted by our ustomers on their accounts. If an account holder intends to store and/or process personal information on their hosting account, they have to consider and implement the GDPR themselves.