Is the business GDPR Compliant Yet?

This week it's been less about Facebook and much more about GDPR or the General Data Protection Regulation.

The GDPR handles privacy and data regulation in Europe. Now, if you're reading this then most likely you are a business located in the Usa are pondering what European laws relate to you. So glad you asked.

If you read the last blog post about Facebook and have seen this news lately, the world is deeply concerned with privacy issues. I believe Edward Snowden started the trend and it simply never left.

If you've got a website, Instagram, use online payment processing, etc. you've also probably received an e-mail now stating that the privacy policy has been updated and also you needed to click to understand said update.

That is exactly what the GDPR is doing. The brand new law of the land becomes enforceable May 25 2023 even though it was enacted in April of 2023. The new law of the land states that simply opting in to your email list is not enough to be considered consent.

Now users must expressly give consent that they have seen and comprehend the privacy policy. Whether or not they actually browse the policy or otherwise is up to them.

So how does this impact your company?

If you do any company in Europe whatsoever, this impacts your company. There are some simple changes that require to happen before May 25 to be compliant.

 

  1. Send an email for your entire list with your privacy policy

Send an e-mail for your list having a connect to the privacy and a button to express they have read it and therefore are choosing to stay on your list. A quick simple email will do the secret to make sure you're staying compliant.

  1. Privacy link inside your opt-in

Moving forward, on any opt-in page make sure there is a link to the privacy policy with a check box to allow them to acknowledge the user has witnessed it. Again, whether or not they see clearly is positioned on them. The most important thing is having acknowledged consent.

While this new law only pertains to those in Europe, if your business has global reach, you're ready to implement some changes. Also, in case your clients are not conducting business in Europe, within the wake from the privacy concerns, it might be a good proactive move to just send that online privacy policy and obtain expressed consent out of your users.