The GDPR Law goes into effect on May 25, 2018. Are you ready?
If you work in Direct Marketing, Social Media, or Email Marketing, GDPR may affect how you do it. That mean’s it is important to have a basic understanding of the new law and get legal advice if needed- there can be serious consequences for non-compliance!
What is GDPR LAW?
The General Data Protection Regulation (GDPR) was created by the European Parliament and Council, designed to limit the amount of data brands can collect from users based in the EU. This new law will go into effect on May 25, 2018, in the European Union.
It is a regulation covering data protection and addresses the export of personal data outside the EU. GDPR seeks to create a harmonized data protection law framework to give citizens back control of their personal data. It also imposes strict rules on those hosting and ‘processing’ this data, anywhere in the world. The Regulation also introduces rules relating to the free movement of personal data within and outside the EU. Learn More
Once in effect, the GDPR law will require sites to update their processes and functionality in order to:
- Inform users of what personal data brands are looking for them to share
- Prompt users to provide active consent for the brand to collect the data, or opt-out of having it collected
- Provide users with access tot heir data and allow users to easily erase it Learn More
Failure to follow the new regulations can result in fines up to a hefty $27 million or 4% of global sales (whichever is larger) for major infractions and up to $13.5 million or 4% of global sales for other violations.
What data is covered in GDPR?
Personal Data is covered in GDPR Law. Personal Data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, are also considered personal data. Learn More
Personal Data includes:
PII (Personal Identifiable Information) Data:
- E-mail address
- Phone number
- Financial information
- Health and genetic data
- Biometrics data
- Race or ethnicity
- Political opinions
- Sexual orientation
- Customer loyalty data
- Social media posts
- Cookie identifiers
- Device ID
- IP/Client ID
- Login IDs
The GDPR law does not protect the data of legal entities. Only personal data of “natural persons” are addressed. Business, non-profit organization and government data are not covered. Only data that relate to an identified or identifiable natural person are regulated by the GDPR. Learn More
Who is impacted by GDPR?
Everyone, not just the European Union. It is a global regulation and its compliance is mandatory for all companies that have potential customers in the EU. Even if your operations are based in the U.S., but you use data to market and sell products or services to customers (or website visitors) that may reside in the EU, this legislation applies to you. And non-compliance means exposure to those large fines.
Marketing Influence is obligated to be compliant in our own practices, as well as in our strategy and execution for clients. We recommend that you follow a compliance checklist to ensure your brand is compliant with the GDPR regulations and consult with your legal advisor for further details.
Note: This document is issued for informational purposes only. We are not attorneys, and this is not intended to constitute legal advice. The information contained herein does not constitute legal opinion and should not be regarded as a substitute for legal advice. Given the importance of the subject matter, if you have any legal questions about the information or topic presented here, we definitely recommend you seek the advice of an attorney.
Interested in our article on Are You Ready For GDPR Law? Share your thoughts and comments below or contact us to learn more.