GDPR is a regulation, which means that the regulation will come into force as such. Therefore, regulations have binding legal effect in every member state. Directive on the other hand means that the member states can decide how to achieve the goals set out in the directive and transpose them into national laws.
The EU-U.S. Data Privacy Framework: A Transatlantic honeymoon for data flows, but for how long?
The European Commission concluded that the United States ensures adequate protection for personal data transferred from the EU to U.S. companies under the EU-U.S. Data Privacy