Part 1 – What is GDPR and will it affect your business?

What is GDPR?

As you may be aware, there is a deadline looming on May 25, 2018 for compliance with something called GDPR, which stands for General Data Protection Regulation. This legislation focuses on the way in which private data belonging to citizens of the European Union (EU) is collected, stored and distributed.

Why was GDPR introduced?

GDPR focuses on giving control back to consumers. It was implemented to allow people to have more control over their personal data, and to know exactly how companies are using that data if they have agreed to allow a business to use or store their private data.

Do American companies need to be GDPR compliant?

Many companies outside the EU incorrectly assume that the GDPR will not apply to them. However, it applies to every organization offering goods and services to EU citizens. Therefore, even if your business is located in the United States, these European regulations will still impact your business.

All companies around the world who work with EU citizens are required to take action before the deadline. It does not matter where you are located in the world, if you are dealing with EU citizens, you need to comply with GDPR.

Those who do not comply with GDPR regulations will face hefty fines. The regulation states that fines can be the greater of either 4% of an organization’s annual revenue or €20 million (almost $25 million). Given the size of the penalties, there is no reason for your company to risk noncompliance. Furthermore, it is only a matter of time before other jurisdictions implement similar regulations, which means that in the long run you cannot avoid implementing these changes to your website.

In future installments, we will look at what the GDPR specifically requires and how you can insure compliance.

………………………

DISCLAIMER: This article was prepared by Startup Cleveland for informational purposes only, and you should not consider it legal advice. We recommend that you seek legal and other professional counsel to determine exactly how the GDPR might apply to you. Neither Startup Cleveland or the author accepts any responsibility or liability that might occur directly or indirectly as a consequence of the use, application or reliance on this material.