On May 25, 2018, the European Union (EU) enacted its new regulation in EU law, the General Data Protection Regulation (GDPR). GDPR’s purpose is to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy.
If you are a website owner and your website collects any sort of personal data on visitors, even unintentionally, there is a chance that someone from an EU country could visit your site and have their data saved.
Examples of personal data include the user’s name, physical or e-mail address, phone number, IP address, and more.
Basically, if you can use a piece of data to identify an EU resident, or combine it with other data to identify them – that’s personal data. EU citizens now have the right to access, erase, and correct errors in their personal data, object to the processing of it, and ask an organization to export it (even directly to a competitor). With the GDPR, you are legally obligated to comply with their requests.
User data can be collected in several ways, including online forms, newsletter signups, online purchases, through cookies, retargeting ads, and analytics. While some of the data is stored in your website database, other third-party services (like Constant Contact, Google Analytics, and MailChimp) will be collecting this information as well. As a website owner, you will need to know where this data is held, how to gain access to it, and how to delete it when necessary.
It takes some work to ensure your website is GDPR compliant, but it’s not difficult to achieve. If you’re a website owner and need help determining how to become GDPR compliant, here are a few resources for more information:
Sutherland Weston Marketing Communications (Bangor, Maine)
Sutherland Weston and UniTel have worked together on a number of projects over the years, and Ken Lozier from the Sutherland Weston team put together a comprehensive brief, available on their website.
Forbes is one of the most trusted names in business, with its global reach. Forbes offered five tips specifically for marketing leaders back in May of 2018 when GDPR first went into effect.
Information Commissioner’s Office (UK)
The Information Commissioner’s Office (ICO) is the UK’s independent authority set up to uphold information rights in the public interest. While this law affects citizens of the European Union (EU), if your website might attract visitors from the EU, you must still comply with the law. The perspective from the UK is here.