While browsing your favorite apps, social media, and blogs recently, you may have noticed every publisher and their brother is telling you their Terms and Conditions have changed. So, you hit “Accept” with no further thought to figure out what funny cat video Karen tweeted about over lunch today. All of the new Privacy Policy and Terms & Agreement dialogue boxes you’ve been receiving as soon as you enter a website is thanks to the European Union’s new legislation set to be effective May 25, named the General Data Protection Regulation (GDPR).

If you’re not in the industry, you have no idea the fear and stress this 4-letter acronym instills in the hearts of men and women. GDPR was legislation passed about a year ago, and it provides strict guidelines companies must follow to gather, store, and share Internet users’ personal information. Not following the GDPR rules can mean massive financial fines in the ballpark of $25 million per violation.

GDPR rules are only effective if advertising to people in the geographical confines of the European Union. However, most global advertisers and publishers have changed the rules for everyone instead of having a GDPR rule book and a non-GDPR rule book. GDPR rules are outlined here if you’d like to learn more.

What’s interesting about the GDPR due date looming is the real-world application of the legislation rules if you know where to look. For example, if you’ve opened Twitter in the last month you may have seen a dialogue box greet you once you open the mobile app. It tells you Twitter stores certain information about you, like your bio, assumed interests, and audiences you’re a part of in the Twitter universe. You can even get a data report that includes the data Twitter has stored about you as a user. All of this information can be found in your Twitter account settings.

When a report is given to you in a neat package, it can be overwhelming. You may think “why does Twitter have so much information about me?” or “I’m going to move to a hut in the mountains of Greenland where Twitter and Facebook can’t find me.” However, really think about the information that is made readily available for publishers, advertisers, and data companies on the Internet. GDPR rules have made it easier for users to view what data Internet companies have collected. However, before we cloister ourselves in remote places or demand advertisers not use behavioral data, we should step back and think about the information we share, and the terms and conditions we agree to, without a second thought.

Does Facebook really need to know you’ve checked-in at the mall four times today? Does Twitter really need to know you got matching socks for you and your dog? Does Instagram really need to know what you ate for dinner today, while you tagged where your house is located? We share all of this information and more on the open Internet to millions of strangers, then we get upset when we find out it is stored and used to make a profile about us.

GDPR rules will make data transparent and protect your login information from hackers – those are great things! However, as Internet users, we need to keep in mind that if we don’t want advertisers, politicians, Susan next door, and our grandpa to know our favorite color, maybe we shouldn’t share it with millions of strangers on the Internet.