After May 25, any company doing business with European Union citizens will be subject to the privacy safeguards of the General Data Protection Regulation (GDPR) approved by the 28-country coalition in 2016.

Basically, the law says companies must explain in plain terms what they do with the data they gather from users. They must also make it easy for users to opt-out of data gathering. Another rule will make it mandatory for companies to notify their data protection authority data breaches in the first 72 hours after a breach is caught.

Notably, the regulation will apply to social networking sites like Facebook, which said on Wednesday — after some PR back and forth — that it will be making the GDPR standard available to its users wherever there isn’t a conflict with local laws. Facebook recently came under fire after data from 87 million users, mostly in the U.S., was improperly shared with research firm Cambridge Analytica.

READ FULL ARTICLE HERE