The General Data Protection Regulation (GDPR), ratified in 2016 and enforced from May 25, 2018, is a complex set of data protection regulations designed to safeguard the personal data of EU citizens online, with compliance required globally from any business handling such data. Non-compliance can result in hefty fines amounting to millions of dollars or a percentage of global revenue. PubNub offers tools to help developers with GDPR compliance by providing a checklist and a platform designed with security in mind. The regulation mandates that companies must manage requests from users to access, delete, or transfer their personal data, known as "the right to be forgotten," and ensure that data protection measures extend to third-party vendors. While personal data must be isolated and protected, derived data such as analytical insights do not require deletion, illustrating the complexity of compliance. As the GDPR influences web browsing, users often encounter consent requests for cookie data, emphasizing transparency and user rights over personal data.