When Change Sounds Scarier Than It Is
The General Data Protection Regulation (GDPR) is a new European Union (EU) law regarding data protection and privacy for all individuals within the EU and the European Economic Area (EEA). It became enforceable on May 25, 2018, and also addresses the export of personal data outside the EU and EEA.
a) What personal data you collect and store.
b) How that data is protected and managed.
c) Your rights as a consumer to access or request deletion of such data.
Does It Apply To My Business?
The short answer is, probably not. Unless you’re doing business with consumers or clients within the UK/EU, you’re not legally bound by the new GDPR regulations. However, experts agree that the U.S. is not far behind with new personal data requirements and most expect they will closely resemble the UE’s GDPR.
Here’s the thing: Consumers are getting wiser and wiser (and worried) about the collection and use of their private information, and there’s no better time than the present to give them some confidence when visiting your website.
Covering The Basics
While not considered ‘personal identification data’, if you collect IP addresses for analytics, or for temporary use for contact form auto-responders, you should mention this.