The new personal data protection rules (GDPR) are a European regulation that will enforce a stronger data protection regime for organizations operating in the EU/EEA and handling EU/EEA citizens' personal data. The new Personal Protection Act came into force in Norway in May 2018, and all organizations operating in the EU/EEA must comply with the regulation to avoid fines.
