The EU's General Data Protection Regulation (GDPR) came into effect on 25th May 2018 and will bring about the greatest change to European data security in over 20 years.
Even if you’ve only been vaguely aware of this, being based in the USA, you might think this does not affect you.
Our understanding is that this is simply NOT TRUE and the penalties for non-compliance are extreme. Failure to comply with GDPR could lead to fines of up to €20 million or 4% of the company’s total global revenue. Any USA company that has a website and markets its products or services over the web should be GDPR compliant.
Whilst it is up to YOU to decide whether you want your website to be GDPR compliant, our understanding is that any website - regardless of where the business is based - that asks people to complete an enquiry/booking form or collects data relating to people in the EU should be GDPR compliant.
Furthermore, your customers expect it of you. It reassures them that you treat their data with respect.
Article 3 of the GDPR says that if you collect personal data or behavioral information from someone in an EU country, your company is subject to the requirements of the GDPR. Two points of clarification.
1) The law only applies if the data subjects (as the GDPR refers to consumers) are in the EU when the data is collected. This makes sense: EU laws apply in the EU. For EU citizens outside the EU when the data is collected, the GDPR would not apply.
2) A financial transaction doesn’t have to have taken place in order for the extended scope of the law to kick in. If the organization just collects "personal data" - what you in the USA refer to as personally identifiable information (PII) - as part of a marketing survey, then the data would have to be protected GDPR-style. This includes anyone from the EU who completes an enquiry form on your website.
In conclusion, we are only the messengers! We have no insight into how this will be enforced, but the penalties are extreme and our view is that it is better to be safe than sorry.
You can read more below about what needs to be done.
Read more at Forbes Magazine.
GDPR affects any business in the world storing information on EU citizens. GDPR protects people’s information, giving each person total control over what happens to their information. That data must always be protected and kept safe and secure.
Part of making your overall business GDPR compliant involves ensuring your website is compliant. We have thoroughly researched all the necessary requirements and tools required, and have a set procedure in place to go through each site and action all/any of the necessary steps to get your website GDPR compliant before the 25th May 2018.
As you can see, it is quite an involved process but we have refined the procedure to keep our costs and time down to a minimum, and thus reduce the set up cost to you. We would much prefer not to have to spend our time doing this - but it has to be done - and done properly using the right tools.
We can action everything for you but you need to let us know IMMEDIATELY, so we can ensure you are on our schedule to complete before 25th May 2018 (GDPR-DAY).
Please note that if you host your own domain and don't already have an SSL Certificate, we will need your login details to make some changes to your DNS settings, or if you prefer to do this yourself, we will send you instructions on what to do.