GDPR is a regulation, which means that the regulation will come into force as such. Therefore, regulations have binding legal effect in every member state. Directive on the other hand means that the member states can decide how to achieve the goals set out in the directive and transpose them into national laws.