Views are my own
By now you have most likely been seeing references to GDPR all over your social media timelines. If you own a business that offers products or services through an eCommerce site, you should be aware of what GDPR is and how it will impact how you conduct business with your customers in the EU.
What exactly is GDPR?
The General Data Protection Regulation (GDPR) is a data protection law that was passed back in 2016 and derives from the 1995 Data Protection Directive. It is focused on protecting the personal data of EU citizens and residents.
With recent events such as the Equifax breach and Facebook’s Cambridge incident, the information being collected about us involuntarily is disturbing, especially when you find out that hackers now have information about you that you never gave explicit consent to have collected.
The deadline for compliance is May 25, 2018. I am not sure if it is a strict deadline, but your organization should be able to demonstrate that steps are being taken to at least meet compliance.
Currently the penalty for GDPR non-compliance is up to 4% of your organization’s global turnover or $20 million, whichever is more.
What is your organization's responsibility?
Ignorance of the law is never an excuse. This information is not legal advice; the best advice I will give you is to contact a lawyer for guidance on what your organization should be doing to meet compliance.
Your business is defined as a data controller; your hosting company would be defined as a data processor.
Steps your organization can take for compliance
Guide to the General Data Protection Regulation (GDPR)
General Data Protection Guide
Data Protection in the EU