GDPR was enacted by the EU in order to ensure that organizations (located not only in Europe, but anywhere in the world) that process the data of EU state citizens and residents comply with a strict set of data privacy rules. The provisions of the EU GDPR were incorporated directly into UK law at the end of the transition period and therefore, UK citizens and residents are provided the same protection over the processing of their data as their EU counterparts.