Remember Y2K?! It was that crazy time when something called the Millennium Bug created a problem in the coding of computerized systems as they transitioned from 1999 to 2000. Remember how global havoc occurred as companies scrambled to prepare and make sure their businesses didn’t shut down? And then nothing happened.
If you’ve subscribed to an email list, bought products online, or even read a news article through your favorite publication — you’ve probably received 100s of emails from each place you’ve opted in about the GDPR and privacy policies.
If you’re not a business owner, you may wonder if you should care. Just like Y2K, it is important to be informed about what is going on. Who knows, you may decide to start blogging or selling courses online one day. When you do — you’ll need to know about the GDPR and privacy policies.
What Is The GDPR, Anyway?
According to Forbes, “the General Data Protection Regulation (“GDPR”) is a legal framework that requires businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. It covers all companies that deal with the data of EU citizens, specifically banks, insurance companies, and other financial companies.”
According to data security and analytics pioneer Varonis, “if a US company collects data from EU citizens, it will be under the same legal obligations as though the company had headquarters in say France, UK, or Germany — even though they don’t have any servers or offices there.”
GDPR Resources You Can Use
I’ve collected some GDPR resources to share with you. Keep in mind that I’m not a GDPR expert or a lawyer. If you have doubts, get legal counsel.
If you’re just waking up to the GDPR phenomena and wondering what to do, you may want to check out some of these:
If you’re using an email service provider, keep in mind that they are just as responsible as you for ensuring compliance. Here are some guides for each of the services I use with my clients:
GDPR & Bloggers
If you’re focused on blogging and live in the U.S., you may think the GDPR doesn’t impact you. Think again.
If you collect email addresses for any reason, you must be compliant.
Internationally renowned blogger Leslie Samuels (who happen to live in the EU) writes about what to do in his blog “What Is The GDPR and How Does It Affect Bloggers?”
My marketing friend and colleague, Adam Highfill writes about something called “Legitimate Interest,” which really makes sense to me. Here’s what Adam shared “Before you send a consent email to your entire list, I’d recommend checking to see if using "Legitimate Interest” to comply with GDPR works for your context. This is a much easier way (in my opinion) for many businesses to comply. Legitimate Interest “...is likely to be most appropriate where you use people’s data in ways they would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing." "The legitimate interests can be your own interests or the interests of third parties. They can include commercial interests, individual interests or broader societal benefits.” It doesn’t require your entire list to re-consent and will be much less intrusive for your opt-in forms going forward.”
You can read Legitimate Interest and the GDPR here.
The new law is complicated, but it doesn’t need to derail your business.
At the end of the day, you need to educate yourself and determine what you need to do to make sure you’re compliant.