Is your company ready for GDPR?

This week it’s been less about Facebook and more about GDPR or the General Data Protection Regulation.

The GDPR deals with privacy and data regulation in Europe. Now, if you’re reading this then more than likely you’re a business based in the United States are wondering what European laws have to do with you. So glad you asked.

If you read the last blog post about Facebook and have seen the news lately, the world is deeply concerned with privacy issues. I think Edward Snowden started the trend and it simply never left.

If you have a website, Instagram, use online payment processing, etc. you’ve also probably received an email this week stating that the privacy policy has been updated and you had to click to acknowledge said update.

That is what the GDPR is doing. The new law of the land becomes enforceable May 25 2018 even though it was enacted in April of 2016. The new law of the land states that simply opting in to your email list is not enough to be considered consent.

Now users must expressly give consent that they have seen and understand the privacy policy. Whether they actually read the policy or not is up to them.

So how does this impact your business?

If you do any business in Europe at all, this impacts your business. There are some simple changes that need to happen before May 25 to be compliant.

 

  1. Send an email to your entire email list with your privacy policy

Send an email to your list with a link to the privacy and a button to express that they have read it and are choosing to stay on your email list. A quick simple email will do the trick to make sure you’re staying compliant.

  1. Privacy link in your opt-in

Moving forward, on any opt-in page make sure there is a link to the privacy policy with a check box for them to acknowledge the user has seen it. Again, whether or not they read it is entirely on them. The most important thing is having acknowledged consent.

While this new law only applies to those in Europe, if your business has global reach, it’s time to implement some changes. Also, if your business is not doing business in Europe, in the wake of the privacy concerns, it would be a good proactive move to just send that privacy policy and get expressed consent from your users.