The European Union (EU) General Data Protection Regulation 2016 (GDPR) came into force on 25 May 2018. A brief summary of the GDPR can be found here: https://www.mayerbrown.com/The-GDPR-The-Changes-That-Will-Affect-Your-Business-05-25-2018/.
Organisations in Hong Kong may need to comply with the GDPR if it (1) has an establishment in the EU, where personal data is processed in the context of the activities of the establishment, regardless of whether the data is actually processed in the EU, or (2) does not have an establishment in the EU, but offers goods or services to or monitor the behaviour of individuals in the EU.