This lecture provides an overview of the legal aspects of data protection, focusing on the principles and rights established under the General Data Protection Regulation (GDPR). It begins with a historical context, discussing the evolution of data protection laws from the 1970s to the present, highlighting key milestones and international instruments that have shaped current regulations. The instructor explains the broad definition of personal data and the various legal bases for processing such data, emphasizing the importance of consent and the rights of individuals. The lecture also covers the principles of data processing, including lawfulness, fairness, transparency, and accountability. Additionally, it addresses the challenges of regulating privacy in the context of modern technology and online tracking, illustrating how these issues intersect with data rights. The session concludes with a discussion on the enforcement of data protection laws and the role of regulatory bodies in ensuring compliance.