hey guys today we gonna discuss the general data protection regulation or gdpr the gdpr is a law that is meant to protect user data in european union the law having drafted and passed by the eu in 2016 to protect data security the law imposes obligations onto organizations anywhere so long as they target or collect data related to people in the eu now history of the gdpr as technology progressed and the internet was invented the eu recognized the need for modern protections so in 1995 it passed the european data protection directive establishing minimum data privacy and security standards upon which each member state based its own implementing law but already the internet was morphing into the data hoover it is today in 1994 the first banner ad appeared online in 2000 a majority of financial institutions offered online banking in 2006 facebook opened to the public in 2011 a google user sued the company for scanning her emails two months after that europe's data protection authority declared the eu needed a comprehensive approach on personal data protection and work began to update the 1995 directive so what are gdpr principles data protection principles are number one lawfulness fairness and transparency processing must be lawful fair and transparent to the data subject number two is purpose limitation you must process data for the legitimate purposes specified explicitly to the data subject when you collected it number three is data minimization you should collect and process only as much data as absolutely necessary for the purposes specified number four is accuracy you must keep personal data accurate and up to date number five is storage limitation you may only store personally identifying data for as long as necessary for the specified purpose number six integrity and confidentiality processing must be done in such a way as to ensure appropriate security integrity and confidentiality number seven is accountability the data controller is responsible for being able to demonstrate gdpr compliance with all of these principles now the question arises is there any exception to process data in the gdpr the answer is yes there is we'll discuss them one by one number one if the data subject gave you specific unambiguous consent to process the data number two processing is necessary to execute or to prepare to enter into a contract to which the data subject is a party number three is you need to process it to comply with a legal obligation of yours number four is you need to process the data to save somebody's life number five is processing is necessary to perform a task in the public interest or to carry out some official function that's all for now thanks for watching this video if you like this video give it a thumbs up share it with your friends and don't forget to subscribe to the channel you