The General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. Created to provide more control and better privacy protection to European Union residents, the GDPR compliance regulation affects all companies that are either marketing to or collecting data from EU consumers.
What US Marketers Need to Know
Even if you work on US brands, your marketing may still be reaching shoppers from the EU. In fact, the terms used in the legislation are “data subject” and “natural persons,” which include non-citizen residents of and visitors to the EU for the duration of their stay. Therefore, consider that your next email promotion could reach US citizens who are traveling or living abroad, and so be subject to this legislation.
Also keep in mind that the GDPR can apply to brick-and-mortar as well as e-commerce. For example, shoppers paying with a credit or debit card, providing personal information such as a name or shipping address, or participating in a customer loyalty program can all fall under GDPR protections.
As for financial penalties, non-compliance can lead to a maximum penalty of 20 million euros or 4% of your total global revenues, whichever is greater.
What Can Shoppers Do?