GDPR — General Data Protection Regulation
You have been hearing about this issue for months now. You may also have noticed that you are getting “Privacy Policy” change notices in your email from different companies fairly often. This is all because of the GDPR. It went into effect May 25th, 2018.
What is it?
To put it simply, the GDPR does 3 things:
- It gives citizens and residents of the European Union the right to control their personal data
- It simplifies the regulatory environment by unifying regulations within the EU, and
- Provides a level playing field for all businesses in the EU
Does it apply to my business?
It applies to any organization that processes or stores personal information of EU member citizens, from a 1-person business to a multi-national corporation, anywhere in the world. This includes physical and digital files. So yes, it applies to you, unless you are a 100% cash-only business (past, present, future).
But, I only sell products and services locally?
This doesn’t matter. A EU member citizen can live anywhere in the world.
What if I don’t comply?
You can be fined and sanctioned.
What do I need to do now?
You need to get informed at the very least, and may need to make serious changes to how your business handles the personal information of customers and employees.