GDPR (General Data Protection Regulation) is a regulation to ensure that the companies working in the European Union region in e-commerce domain comply with a set of rules in order to safeguards customer’s data and their privacy. It also requires them to completely wipe off user’s data when requested by the user. So, basically this is an attempt at empowering general user and giving them ownership of their own data. In the light of recent incidents such as Cambridge Analytica Scandal involving Facebook, enforcement of GDPR (enforceable from 25 May 2018) has been received with very much enthusiasm and anticipation.