This year, I’m putting considerable energy into understanding and complying with the GDPR.
What is the GDPR?
The General Data Protection Regulation (GDPR) is a European law that goes into effect on May 25, 2018.
It impacts any professional commercial activities regarding natural persons residing in the EU, so that includes process personal information about natural person who lives in the EU, or sending commercial emails to any natural person who lives in the EU. Commercial emails include the offer of goods or services, even if you’re not doing it in exchange for money.
The purpose of this new law is to protect natural persons’ personal data, and it includes provisions about obtaining data subjects’ consent and using adequate security to protect their information. Failure to comply could result in millions of dollars in fines.
Who is Exempt from GDPR?
The GDPR does not apply to anyone who stores or uses person’s data for personal use – like if you maintain a personal database of contacts, and some of them happen to be people who live in the EU.
It also doesn’t apply to anonymous persons or dead people.
Complying with the GDPR
I have read the GDPR from cover to cover (260 pages). A significant amount of my work in early 2018 will be related to GDPR compliance – starting with my own company
My rule for my email list is people add themselves. It’s disrespectful when companies add you to their email list without consent, so I don’t do it. As a result, I have no idea where most of my subscribers are located. I have assume at least one of them is a person who resides in the EU, therefore the GDPR applies.
For the next few weeks, I’m going to be breaking down this law into it’s requirements and applying them to my business so I can, in turn, educate and help other companies modify their policies and practices before the law goes into effect on May 25, 2018.
This is not a law that companies can easily comply by adding a new paragraph to their terms of service. It will change their tactics and approach to content marketing.
If you want more information about GDPR, please watch this site and my YouTube channel because I’m creating a substantial amount of content on this topic. You can also send me an email (Note: I can’t give advice to non-clients). I use my mailing list to I share my thoughts about being a lawyer/entrepreneur, updates about projects I’m working on, upcoming speaking engagements, and I may provide information about products, services, and discounts. Please add yourself if you’re interested.
You can also connect with me on Twitter, Facebook, YouTube, or LinkedIn.
2 responses to “Preparing for GDPR: Are You Ready?”
[…] General Data Protection Regulation (GDPR) is the new law aimed at protecting individuals’ privacy and their personal data. All companies that send commercial emails to any person living in the EU […]
[…] General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. According to this new law aimed at protecting individuals’ privacy and their personal data, all companies that send commercial emails to any person living in the […]