Definition
GDPR
EU General Data Protection Regulation — the personal-data privacy regime that applies to any business handling EU resident data.
GDPR diligence covers lawful basis for processing, data processing agreements with sub-processors, international transfer mechanisms (Standard Contractual Clauses, or SCCs, post-Schrems II), Data Protection Impact Assessment (DPIA) evidence for high-risk processing, breach notification readiness, and handling of data subject access requests (DSARs). Material non-compliance is treated as an indemnity item and can be a deal-killer in the healthcare and consumer sectors.