Everything an entrepreneur like you needs to know about GDPR 2018

Tech giants like Facebook are the main target for new GDPR regulations, but they will affect everyone, including small businesses and startups.

Thanks to the wealth of emails sent out by the various tools and services you use, you’ve likely realized that the EU recently passed a new regulation for user privacy.

If you haven’t taken the time to read any of those emails, you could be in for a surprise. Here’s everything that entrepreneurs need to know about GDPR 2018, and why you should care about it:

First off, what does GDPR 2018 stand for?

GDPR 2018 stands for General Data Protection Regulation and will take in effect on the 25th of May 2018. It’s a new regulation that will take place across the EU, with increased user privacy and strict, severe punishments for companies that fail to protect personal data.

Who does this affect?

Any company that sells to customers in the EU, including US and UK based companies.

How is user privacy changing?

The big change for companies will involve their data collection process and infrastructure. Everything from what is collected, where it is collected, how the data is used, and how it is secured is covered in GDPR 2018.

Tracking will still be allowed, but companies need to be careful that they are doing it in the correct way. You will need to get a user’s explicit consent and provide them with the ability to opt out at any time. Additionally, this consent must be asked for in simple language and exclusive from other asks (such as opting in to receiving marketing emails)

As an example, a proper email collection form should now have two checkboxes asking consent. One to opt into marketing and sales emails and the other to provide consent for the collection and usage of their data.

7 Key Points to Keep in Mind

While you should definitely read the full document, you won’t be alone if you fell asleep during the second page! Don’t worry, we took the time to read through and there are 7 main points that GDPR emphasizes:

  1. User consent to tracking and the ability to opt out at any time
  2. Data breach notifications within 72 hours of a breach
  3. The user’s ability to access their own data
  4. The right to be forgotten, so at any point a customer can permanently delete all of their own data
  5. Data portability, or the right for a consumer to download and reuse the data elsewhere
  6. Emphasis on companies doing the most to protect consumer data
  7. Companies with over 250 employees must appoint a data protection officer.

Severe Penalties for Companies Which Don’t Comply

One of the biggest reasons companies will need to take GDPR seriously is the severe fines which would apply in the event of a breaching of these regulations. Companies that misuse data are able to be fined €20 million, or 4 percent of turnover — whichever is larger.

This fine could easily cripple a small business, and put a large hurting on even larger businesses. This means that it’s critical for you and your business to adhere to these regulations.

Useful links for GDPR 2018:

Arora Project is a full service marketing agency featuring a 100% success rate for crowdfunding campaigns. Interested in working with us? Explore how we can help your business.