In a digital era, people live their lives mostly on the internet and shares their information easily to anybody. To prevent the infringement of individual rights and freedom and to supervise the data processing and administration in the European Union, the General Data Protection Regulation has been enacted and implemented. This Regulation emphasizes the protection of rights and freedom of data subjects to control the processing of their personal information. Meanwhile, it guides data controllers and processors for the practices, responsibilities and legal obligation. The Regulation applies to the data controller and processer both in and outside the territory of the European Union who process the data of natural persons in the Union. It also suggests about the competent authorities which response for data protection in the Union or in the European Economic Area. By studying this Regulation, besides getting more comprehension on the key principles of the Regulation, the terminology in the field of technology and legal context are also interesting and useful.