WTF Is The GDPR And How You Can Easily Get Compliant Before The Deadline
Spending any amount of time on the internet lately you have probably seen people losing their minds over the GDPR, General Data Protection Regulation. You may be one of those people losing their minds or you could be one of the few who have not yet heard of this interesting and rather boring piece of regulation.
Either way, I am going to do my best to break this down for you and help you understand what it means to you, the small business owner. I will also give you the scoop on an AMAZING resource to help you easily and affordably get this shizz taken care of.
Some of the links in this post may contain affiliate links. That means if you purchase from the link I may receive a small commission. I only recommend products that I absolutely love and stand behind.
Before I dive in I want to give you a little disclaimer… I am not a lawyer and the information in this post, while helpful to you, is not in any way to be considered legal advice. If you have in-depth questions regarding the GDPR and what it means for you and your business I recommend seeking the advice of legal counsel.
Now that is out of the way, let’s take a look at what the GDPR is and what it could mean for your business.
WTF is the GDPR?
If you aren’t sure what the GDPR is let me break it down for you without all the legal terms.
The General Data Protection Regulation, or GDPR, is all about protecting the personal data of citizens of the EU. The GDPR is designed to give the citizens of the EU more control of their own personal information once they input it into a business’s database.
In simple terms, the GDPR sets a standard that once a citizen from the EU gives you, a business, any personal information you must live up to certain safeguards of that information. More on this in a moment.
Do You Need To Comply?
This is probably the biggest question you have, because if you do need to get your business ready you only have until May 25th. That’s right, less than one month to make sure that, if you have to follow the GDPR, you are.
So do you need to comply with these new regulations? Possibly. If any of the following apply to your business chances are you will need to start getting your business ready.
1. Your business is in the EU or UK or you sell directly or work with others in the EU or UK
If your business is physically located in the EU you will need to comply with these new regulations. If your business is not physically in a country that is a member of the EU or UK but you work with other businesses or individuals located inside the EU or UK you will need to comply with the GDPR.
2. Your business advertises to customers in the EU or UK
If you run any advertising campaigns that target the EU you will need to comply with the GDPR. That goes for Facebook, Instagram, or Pinterest advertising as well.
3. Your business advertises in the language of an EU country
If you run advertising in a language used by any country within the EU you will need to comply. That means if you run a Facebook ad in German or French you will need to comply.
4. Your business has an internet suffix for that country
When you get a URL for your business you are in many cases given the option to purchase other domain suffixes besides just .com. If you run your business website on any suffix that relates to a country within the EU, such as .fr (France) or .uk (United Kingdom), you will need to follow the new regulations.
5. Your business accepts currency for that country
If you run an e-commerce website and you sell services and products to people within the EU and you accept their country’s currency… you’ll have to comply with the GDPR. Now there is one small caveat with this, and that is it doesn’t matter whether the products you offer are paid or free. Even if you offer a “free” product you will still need to comply.
6. Your business collects personal information or behavioral data from anyone in the EU
This is probably the one that will wrap most of us up in GDPR compliance, and it has to do with the territorial scope of this regulation. Just because your business is outside the EU and doesn’t actively sell to EU citizens doesn’t mean you will be exempt.
Now, remember there are many nuances in this new regulation so always seek out the advice of a lawyer who is familiar with the GDPR.
What The GDPR Means For You
So what does the GDPR mean for you, especially if you are a business owner outside the EU?
If you must comply with the GDPR there are a few things you will be required to do by law.
1. Be transparent about the data you collect
If you are collecting names and email addresses of citizens in the EU to send them your email newsletter you need to be clear about exactly what that information will be used for. Same goes for mailing address, date of birth, credit card information etc.
2. Only gather relevant information
If you are only sending marketing emails to EU citizens make sure you only gather the information you need and nothing more. Do you really need to know their last name? If not, don’t ask them to input that information for you. The rule of thumb is to only ask for the information you absolutely must have to perform an action (send an email, process a payment, etc.).
3. Get consent from the individuals before using their information
Gone are the days of just asking for a name and email address. Now you have to get explicit consent from the individual before using that information. That means letting them know exactly how their information will be used and for what purpose.
Where this can get a little tricky is if you operate an e-commerce store.
How do you comply with the GDPR?
If you are one of the lucky ones you may be asking yourself how you are supposed to make sure you are covering your a$$ and complying with these new rules before May 25th.
Well here are the three main areas of your business you are going to want to look over and make sure they are up to date with the new regulations:
Because of these new regulations, there is going to be specific wording you are going to have to include to make sure you are compliant.
2. EU Cookie Permissions Pop-up
3. Get Clear Consent To Use Their Information
Giving our friends in the EU an opportunity to opt-in to us using their information is probably the biggest hurdle we will have to get over. This means having a separate unchecked checkbox on all our opt-in forms and checkout pages. We must give them the opportunity to either agree or disagree with how we will use their information.
This can be as simple as giving them a statement on all our forms that states:
“You are opting in to receive marketing information on behalf of (your business name). Do you consent to the collection of your name and email for the communications?” and giving them a separate checkbox to agree or disagree.
What happens if you don’t comply
If you decide you don’t want to comply and you are one of the ones that need to, let’s just say no good can come of it. Seriously, a lot of rather bad things can happen like…
A 20 Million Euro fine. Yes, that’s right the EU could come after you and your business and slap a massive fine on you. I don’t know about you but a fine that large just isn’t something my business can pay right now.
And before you start thinking that it will be impossible for them to know if you comply or not, there will be EU Data Protection officers scouring the internet looking for people who aren’t complying. And because the GDPR is a regulation and not a directive, it is enforceable in every country.
Now for the good news…
I know if you have made it this far you are probably one of the lucky ones that need to seriously start looking at ways to comply with the GDPR. You may be sweating, your stress level may be at a level 10 on the Richter scale, and you may be about to freak out. Please don’t freak out, I already did that for you and I have some good news for you.
When I first started looking into the GDPR and realized I needed to get my business ready, and a few of my clients, I started to devour every bit of information I could. I asked in forums, did Google search after Google search, and even turned to Pinterest to help me figure out what the heck I was going to do. To say I was in a frenzied state would be an understatement.
But I stumbled upon a webinar hosted by Christina Scalera who owns and operates The Contract Shop. Christina is a gem and also happened to be a lawyer who is familiar with the GDPR. In that webinar is where I learned the most about the GDPR, what it means for me and others, and how we can quickly comply without breaking the bank or pulling our hair out.
Let me introduce you to GDPReady, an online e-course that I guarantee will help you cut through the legal-ish and quickly implement strategies to become GDPR compliant.
Here is what you’ll receive when you take this course and why it’s the absolute best solution I have found to date:
Updated GDPR Terms & Conditions ($255 value)
GDPR Marketing Training- learn how to beat the GDPR at its own game and stand out from the competition
GDPReady Implementation Checklist- everything you need to implement so you don’t miss a thing
GDPR Pop-up Walkthrough
EU Cookie Bar Decoded
GDPR Marketing Checklist
Email Templates For Consent
Data Storage Policy + Checklist
This course will give you not only the above but also the peace of mind to know that your business is covered and GDPReady.
If you don’t know where to begin? This course is for you.
If you don’t know what you need? This course is for you.
If you want to set it and forget it? This course is for you.
Christina and her team have taken great pains and spent hundreds of hours compiling an all-in-one resource to save you time, money, and most importantly your sanity. This e-course is hands down the most comprehensive and probably the best investment you can make for your business right now.
And guess what?!?!? Christina and her team are offering you a discount! Just use the code: MISTY when you checkout and you’ll get $10 off the GDPReady course.
If you are one of the lucky ones and need to comply with the GDPR regulations, now is the time to do it. Let me know in the comments if you have any questions or concerns.