The European Union (EU) General Data Protection Regulation (GDPR) will take effect on May 25, 2018. GDPR is the most significant change to European data privacy in over 20 years. Whether or not you are in the European Union, failure to comply may result in fines up to 4 percent of annual revenue or more.
Any U.S. company that collects personally identifiable information or financial data through its website from someone physically located in one of the 28 EU member states is subject to the requirements of GDPR. Although this is not an exclusive list, it is especially important to review compliance regulations if you are a hospitality, travel, software services or eCommerce company.
Note: If EU consumers are outside the EU when the data is collected, the GDPR does not apply.
Personally identifiable information is any data that can be used to identify a specific individual. This includes name, Social Security number, physical or email address and phone number. Technology has expanded the scope to include login IDs, social media posts, digital images or any identifiable behavioral data collected using analytics or personalization platforms.
This is not a comprehensive list, but completing the following actions is a start and may even be sufficient for most U.S.-based companies, for now at least.