It doesn’t matter why people are giving you their data, it only matters that you collect such data. Clients donating you money through a crowdfunding campaign are still vulnerable and are protected by the GDPR. As to the newsletters that you will be sending them, you need to ask for their explicit and separate consent. – Siteground.
The countdown is on for General Data Protection Regulation (GDPR) Compliance with the deadline May 25, 2018. Well, we don’t sell anything to the European Union… do we have to worry, probably not. But, since we can’t say in all honesty, we are not concerned at ALL about privacy laws, we are going to work on our terms and policies. Stay tuned for that. But do read on…
So, how does this affect American businesses? According to MARTECH Today: Recognizing that data can travel well beyond the borders of the EU, GDPR provides protection to EU citizens no matter where their data travels. This means that any company, anywhere, that has a database that includes EU citizens is bound by its rules. Businesses of all sizes are affected — from micro to multinational. No one is exemptIn order to comply, American companies can either block EU users altogether (an impossible choice for a multinational brand) or have processes in place to ensure compliance.
What does this all mean to small American businesses? This topic has so many moving parts its hard to find the time to keep up with it all. But it’s clear that as we continue to move forward with global commerce and digital interaction—all thanks to technology— businesses that have an online presence need a to keep up. Playing on the big, digital field requires us to continue to learn, expand, communicate and be responsible.
My associates and I always wondered why people were not outraged that our information is so much a cyber risk every second. Furthermore, over recent years large corporations have taken many, many months to announce data breaches. Why is it ok and common practice for our personal information to be handed over to the highest bidders all in the name of “profiling”? Hmm. Maybe that was an oversight, maybe not.
Policies and Terms of Use for websites should be reviewed by your company legal team. And, for the sake of your company’s brand, consider this: 1) treat your customers data as if it were your child’s, 2) develop policies and terms of use if your company does not have them in place already, 3) establish protocols for your brand in the event of a breach, 4) educate your staff on the standards being established that protects consumers, 5) have professionals oversee and coach your staff to manage your company data for quality (not quantity) and security, beyond the 3rd party softwares you are using, 6) last but not least, do not underestimate cyber security.
To learn more about GDPR, and the data trending, below are resources I recommend.
Forbes Magazine Yes, The GDPR Will Affect Your U.S.-Based Business
HubSpot The GDPR will come into force in May 2018. Are you ready?
MARTECH Today Questions Remain About GDPR enforcement in the US as the compliance deadline inches closer...
If you have further questions, please contact us.