General Data Protection Regulation (GDPR)

GDPR came into force on May 25, 2018 and was intended to harmonize data privacy laws across Europe, to protect and empower all Union citizens’ data privacy, and to reshape the way organizations approach data privacy.

In order to fully understand GDPR and its intent, it is important that the following key concepts contained in GDPR are understood:

Personal Data - Any information relating to an identified or identifiable Data Subject, including business contact information and work product.

Processing - Collecting, recording, organizing, storing, using, retrieving, consulting, disclosing, destroying or combining Personal Data.

Controller - The person or entity who determines the "purposes and means" of processing Personal Data.

Processor - The person or entity who processes which processes Personal Data on behalf of the Controller.

Data Subject - The natural person whose Personal Data is protected by GDPR.

The University of Regina’s appointed GDPR representative is the Compliance and Contracts Advisor.

The following links are to help University Units comply with GDPR:

• Application of GDPR to Univiersity of Regina Activities
• GDPR Rules

Other Related Resources

• GOV 060 005 Freedom of Information and Protection of Privacy