establishes the legal boundaries for how organizations collect, use, and protect personal information, prioritizing individual rights and responsible data handling. It mandates informed consent, transparency in data practices, and data minimization, while enforcing robust security measures to prevent unauthorized access. Individuals are granted rights to access, correct, and delete their data, and cross-border data transfers are regulated to ensure consistent protection. Ultimately, data privacy law aims to balance the benefits of data processing with the fundamental right to privacy, with compliance enforced through penalties for violations.