As of May 2018, the EU General Data Protection Regulation (GDPR) legislation will be in effect, changing the way that you handle data in your business. The GDPR is the new data protection regulation that applies to the data protection directive that has protected EU citizen’s data.

So, what does this mean?

Up until now, those in the European Union have been working under the Data Protection Directive. It was approved in 1995 for the purpose of protecting the privacy of EU citizens. It also restricted the distribution of sensitive personal data outside EU countries.

But, more recently, the European Commission has developed the General Data Protection Regulation to standardise data protection requirements for all EU countries. It was adopted in April 2016 and will take effect on 25th May 2018.

This gives organisations eighteen months to adapt their business approaches, operations and security policies regarding data protection. In order for you to implement these changes, it is crucial that you understand the EU GDPR requirements. Failing to comply will result in a fine of up to €20 million, or 4% of your global annual turnover – whichever is highest.

BUT IT ONLY APPLIES TO EU CITIZEN’S PERSONAL DATA.

Therefore, it does not affect your marketing to the United States. But, if a US business is handling personal EU data, they have to comply with the GDPR. Any business that handles EU citizen’s personal data has to comply to the GDPR.

What about Brexit?

No matter what the UK position, as long as we trade with EU citizens and their data, we must continue to respect their rights. UK businesses still need to comply to the GDPR if they are planning on working with businesses in the EU and handling personal data. So you might as well say that Brexit has no impact in this area at all right now!

The United States

Luckily, when it comes to the US, they already have a similar ruling to the GPDR in place. So, when it comes to marketing, complying with the GDPR will actually make it easier to do business with those across the pond. You must remember, however, to comply with the Safe Harbour act when dealing with US companies. So, it’s best to make sure that your data is complying with the EU GDPR at all times.

Want to make sure that you are complying with the GDPR? Read our compliance checklist. 

Left it a bit last minute? Don’t fret, we’ve got perfect first aid for your company!