Starting May 2018, the European Union’s General Data Protection Regulation, popularly known as GDPR comes into effect. The regulation is set to change the way businesses handle data and is expected to change many things. For 20 years now, the EU has been relying on a rule that has not been so effective. This is the first attempt at bringing sanity to the data security in EU.
The rules require that any EU based company or a multinational cooperation MUST comply with the regulations or face penalties for non-compliance. Many companies that have no direct operations in the member states of the EU have assumed this rule till they find that they are also required to comply with the rule.
So, if you are a US based company and you have a web presence (well, which company hasn’t?) and market their products over the web have to comply.
The Territorial Scope of GDPR
Many companies have ignored this fact, and might soon find themselves in hot soup depending on their presence within the EU. This is because of the geographical rules that govern the regulations.
Article 3 of the much-anticipated rules state that if at all you collect data or any behavioural information from someone who lives in any of the 28 states of the EU, you need to comply with the requirements of the GDPR.
The law applies to you if the consumers that you collect data from being in the EU at the time you collect the data. For those citizens of the EU that aren’t in the member states when you collect the data, the rule doesn’t apply at all.
If you perform just a financial transaction without collection of the data, then the GDPR won’t kick in at all. But if the transaction comes along with the collection of personal data, then this rule kicks in.
Which US Businesses are affected by the GDPR?
So, which businesses are most likely to fall under the GDPR? If you are hospitality, software provider, travel or e-commerce Company that is based in the US, then you need to look at your online marketing practices and know whether you fall under the scope of GDPR.
If you have doubts about your position in this rule, then you need to talk to the experts to know what you need to do. Talk to the experts over at Amazing Support to know whether you need to comply, and get the help you need to beat the deadline.
Consent and Fines
For companies in the US with connections to EU customers, online forms have to be adjusted so that they can obtain consent the right way. As a company, you need to have a clear description of how the information collected in the forms will be used. Once you collect the data, you have to protect it under GDPR presets.
As a US company with business in any of the EU states, you need to make sure that you know whether you are supposed to comply with the GDPR.