The European Parliament has approved new data protection rules for the European Union.

“Citizens will be able to decide for themselves which personal information they want to share,” said Jan Philipp Albrecht (Greens, DE).

It also sets minimum standards for the use of data for policing and judicial purposes.

The new rules include provisions on:

A right to be forgotten

“Clear and affirmative consent” to the processing of private data by the person concerned

A right to transfer your data to another service provider

The right to know when your data has been hacked

Ensuring that privacy policies are explained

Stronger enforcement and fines up to 4% of firms’ total worldwide annual turnover

The new regulations will be enforced 20 days after their publication in the EU Official Journal.

Member states will have two years to transpose the provisions of the directive into national law.

The directive’s provisions will only apply to a limited extent in the UK and Ireland, while Denmark can decide within six months after the final adoption whether it wants to make them law.

More on the right to be forgotten

EU working on “right to be forgotten” guidelines

Google under fire over “right to be forgotten”

Microsoft accepts “right to be forgotten” requests

Google flooded with “right to be forgotten” requests