Abstract: After two years of transition, the“General Data Protection Regulations”, known as the most stringent personal information protection legislation in the history of the European Union, came into force directly on all members of the European Union on May 25. In April 2016, GDPR was approved by the EU legislature, and the EU's 1995 Directive on the Protection of Individuals' Rights and Personal Data Processing and the Free Flow of Personal Data (hereinafter referred to as the“95 Directive”) was fully upgraded. The European Union has opened a new chapter in the protection of personal data. GDPR may have direct and far-reaching impact on China's corporate compliance, data management, related legislation, and foreign trade negotiations. In response to the relevant regulations and possible impacts of GDPR, measures should be taken as soon as possible to improve corporate compliance, strengthen data security supervision, formulate legislation on personal information protection, and handle foreign trade negotiations.

Key words: personal data, rights, compliance