Why your inbox has been flooded by Privacy Policy updates: GDPR for Dummies (or everyone not located in the European Union)

By now you’ve probably heard about the European Union’s GDPR rules that went into effect in late May; it’s the reason your inbox has been flooded with Privacy Policy updates.

If your business hasn’t already updated your privacy practices and policy, it’s not too late, but it isn’t something you want to procrastinate on either. The GDPR gives the EU the power to impose fines on companies that run afoul of this new regulation...even companies and small businesses located in the U.S.

What does GDPR stand for?

General Data Protection Regulation.

What in tarnation is the GDPR anyway?

Just in case there weren’t enough acronyms in the world, the EU decided to create another. The European Commission’s website defines the General Data Protection Regulation (GDPR) as “rules for the protection of personal data inside and outside the EU”, and includes “rules on international transfers of personal data”, “protecting personal data in non-EU countries”, and transferring “personal data to other countries”. Clear as mud, huh?

But the GDPR has an impact beyond the borders of the EU because, let’s face it, the internet doesn’t stop at any country’s border. This is the reason even U.S.-based companies have had to update their online policies.

Yes, even the little guy needs to comply.

So what does the GDPR mean for a small business in the U.S. that is operating a website on the internet in 2018?

To start with, take a deep breath...and slowly exhale: The reality is that your small business is unlikely to be fined as a result of this new regulation. Odds are the EU primarily will target larger, multinational corporations that haven’t proactively adapted their Terms of Service and Privacy Policies yet. Or followed the rules of these terms and policies.

However, there are a couple of things you will need to do in order to bring your company’s website into compliance with GDPR and maintain site visitors’ privacy. Organizations must:

• Process data for only authorized purposes

• Ensure the integrity and accuracy of information

• Minimize the exposure of subject identities

• Implement data security measures

If you’re like most small business owners (and you aren’t a website guru), that list may sound pretty daunting. Again, I encourage you to take a cleansing breath: Help is available to begin bringing your company into compliance with GDPR.

Talk to a lawyer specializing in online business and privacy policies.

It also wouldn’t hurt for you to consult with an experienced web development company to learn how to implement these new EU regulations. We at Ethode can help; we have the know-how to simplify the GDPR compliance process for your company and the technical expertise to implement new privacy and data security practices on your website.

The internet has made the world a much smaller place and the GDPR is a reflection of this reality. But this new EU-based regulation doesn’t have to turn your American Dream of owning your own business into a nightmare. Ethode can make GDPR compliance as easy as good ol’ American apple pie, so let’s rock n’ roll! Contact us today.