GDPR (General Data Protection Regulation) is an essential legislation for the protection of personal data valid for the entire European Union from 25 May. 2018. In the Czech Republic, it is supplemented by the Act No. 110/2019 Coll., On the processing of personal data. This act finetunes some parts of the general regulation and provides for possible derogations, e.g., personal data processing for scientific, statistical, journalistic, or artistic purposes. In the Czech Republic, the Office for Personal Data Protection (ÚOOÚ) is the guarantor for the area of personal data protection.
The main objective of this legislation is to establish a uniform Europe-wide framework for EU Member States and provide individuals with a higher level of protection, increase the availability of information on where and how their personal data are processed and, in some cases, possibility to decide whether their personal data will be processed at all.