Skip to Main Content
Idaho State University

General Data Protection Regulation (GDPR)

The European Union's General Data Protection Regulation (GDPR) is a new privacy law that went into effect on May 25, 2018. It governs the use of personal data and grants certain legal rights to people whose personal data is being collected and processed (Data Subject). It also imposes legal responsibilities on entities that control or process personal data. For the full text of the GDPR, see

ISU may update or change this website at any time. Your continued use of the University’s website and third party applications after any such change indicates your acceptance of these changes.

The information contained on this website is for informational purposes and does not constitute legal advice. Each individual case is different, and advice may vary depending on the situation. Further, the law and policy considerations may change as GDPR is implemented and analyzed a legal setting, and the information contained herein may not be updated as needed to maintain accuracy in a changing legal landscape.