What are the key requirements of the General Data Protection Regulation?

The General Data Protection Regulation, or GDPR, is the European Union privacy law that applies to any organization processing personal data of EU residents regardless of where the organization is located. Key requirements include lawful basis for processing, purpose limitation, data minimization, accuracy, storage limitation, and integrity and confidentiality. It grants individuals rights including access, erasure also called the right to be forgotten, portability, and objection. ---