The EU’s comprehensive data protection framework governing processing of personal data. In AI, GDPR concepts commonly implicated include lawful basis, transparency, data minimization, purpose limitation, security, cross-border transfers, and rights (e.g., access, deletion, objection); applicability depends on the processing context and the roles of controller/processor.
See: Automated decision-making; Controller / processor; Personal data