Privacy Policy

What is General Data Protection Regulation (GDPR) and What Does it Have to do With Me?

On May 25, 2018, the General Data Protection Regulation (GDPR), a new European law, went into effect. The GDPR is designed to protect EU citizens’ personal data from misuse. While it primarily applies to European Union (EU) countries, under certain circumstances it will also apply to many other countries, including the United States (US). Unlike preceding EU directives, this is an enforceable regulation and non-compliant companies can face stiff fines.

The European Commission defines personal data as any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from simply your name to something more serious, such as your medical information. What else might be on that list? A computer’s IP address, posts on social media sites, bank details! If you have a form on your website that collects data and someone from a European country fills it out, you must disclose your personal data policy. Why? Because not only does the regulation apply to the EU, it also applies to any company in any country doing business over the Internet with anyone in the EU.  Even if visitors do not make a purchase, if your company is collecting personally identifiable data without complete transparency as to why the data was collected and how it will be used, your company will be in violation. So, if you are collecting data get in compliance quickly. It’s not a simple update, it takes some effort. It means creating and implementing a privacy policy.

Here are some links to online resources:

The Marketing Department Blog – GDPR – Ignore it at Your Peril:

SAS – Five Steps to Sustainable GDPR:

Firemon – GDPR is Nothing to Fear: