Alrighty, let’s start out with the basics. GDPR stands for “General Data Protection Regulation,” and it comes into effect on May 25, 2018. That said, many of us online entrepreneurs need to be ready for it and what it may mean for our businesses. First of all, don’t freak out! This isn’t going to be too complicated.

The goal of the European Union when implementing this regulation was to give control of personal data back to consumers. I mean, we all want to be in control of our personal data, right?! And, with all the data breaches lately around the world, this is honestly a really good law. But please know that while this is obviously geared toward companies within the EU, it may have implications for US companies. Here’s who it pertains to:
- Any company with a presence in an EU country.
- Any company with no presence in the EU that processes personal data of EU residents. (Thus, if you sell to EU residents or market to EU residents, you’ve got to comply!)
- For your opt-ins:
  - Have a very clear “consent” clause that indicates that the individual agrees to give you their data. (E.g., “You are opting in to receive communications from The Legal Paige. Do you consent to the collection of your name and email for these communications?”)
  - Indicate that you WILL NOT share their data with any outside third party without their consent.
  - Make it easy for them to withdraw their personal data or unsubscribe.
  - Indicate that “For children under 16, a person holding ‘parental responsibility’ must agree to data collection on their behalf.”
- Put all this in a “GDPR” website privacy policy (At the bottom of your website! Or on your privacy policy page!)
- Have an EU cookie permission up for EU residents that allows them to “accept”! (You can do this just for EU customers!)