The General Data Protection Regulation (GDPR) applies to all European Union (EU) countries. It also applies to any company doing business in those countries, independently of where the company is based.
The following EU countries are covered by the GDPR:
- Czech Republic
- The Netherlands
The following European countries have not adopted the GDPR:
- Bosnia and Herzegovina
- North Macedonia
The GDPR does not apply in the UK after the end of the Brexit transition period (31 December 2020). The Data Protection Act 2018 is the UK's implementation of the GDPR, which controls the collection and processing of the personal information of UK residents. The provisions of the European GDPR have been incorporated directly into UK law as the UK GDPR.
Turkey has not adopted the GDPR.