Itʹs official. The General Data Protection Regulation (GDPR) has started to apply directly in all member states with the aim of safeguarding the processing of personal data of all natural persons within the European Union. The Regulation is seen as the most comprehensive ‘upgrade’ of data protection rules over the last two decades as it repeals Directive 95/46/EC enacted in the distant 1995. GDPR standardises and strengthens citizensʹ rights when it comes to collecting and  processing  personal  data  while  also  empowering national data protection authorities to supervise this new ambitious framework, by enhancing  their  responsibilities  and  ensuring  the possibility of heavy fines at their disposal. European and global businesses (big and small) had two years to adapt to the new onerous requirements  which  demanded  administrative,  technical and even strategic changes in the way they operate. The following In Brief aims to highlight the essence of the Regulationʹs 99 Articles and analyse the potential impact of GDPR on both users and business.