GDPR – What Is It and Do You Need It?

When Change Sounds More Scary Than It Is


Many of us have been flooded with emails from software firms, membership sites, and even social media providers about their updated privacy policies and this thing called GDPR... say, what?

GDPR Explained

The General Data Protection Regulation (GDPR) is a new European Union (EU) law regarding data protection and privacy for all individuals within the EU and the European Economic Area (EEA). It became enforceable on May 25, 2018, and also addresses the export of personal data outside the EU and EEA.

As a means to give citizens and residents control over their personal data, the GDPR requires that your Privacy Policy spell out a) what personal data you collect and store, b) how that data is protected and managed, and c) the consumer's rights to access or request deletion of such data.

Does It Apply To My Business?

The short answer is, probably not. Unless you’re doing business with consumers or clients within the UK/EU, you’re not legally bound by the new GDPR regulations. However, experts agree that the U.S. is not far behind with new personal data requirements, and most expect they will closely resemble the EU’s GDPR.

Here’s the thing: Consumers are getting more and more wise (and worried) about the collection and use of their private information, and there’s no better time than the present to give them some confidence when visiting your website.

At the very least, if your website doesn’t currently have a Privacy Policy and ‘Conditions of Use’ statement, you should create one and make the link easily accessible from your website’s footer.

While you’re at it, we suggest including some of the basic acknowledgments used in the new GDPR regs, as they cover common areas that consumers appreciate a heads up about.

 


Covering The Basics

Google (Maps, Fonts, YouTube): If your website uses any tools from Google, or video embedded from YouTube, it should be mentioned in your Privacy Policy along with a link to Google’s Privacy Policy, which is GDPR-compliant.

Any third-party plugin that collects and stores personal data, such as a list-building provider like MailChimp or Constant Contact, should be listed along with a link to its GDPR-compliant Privacy Policy.

While not considered ‘personal identification data’, if you collect IP addresses for analytics, or for temporary use for contact form auto-responders, you should mention this.

 

 
