The date has come (25 May 2018) for business with clients or subscribers in the European Union (EU) to be compliant with the General Data Privacy Regulation (GDPR) or face hefty fines.
Here is what you need to know about the GDPR
The GDPR is a European privacy law approved by the European Commission in 2016. The enforcement date is 25 May 2018 at which time those companies in non-compliance may face fines.
The GDPR applies to you if you collect, organize, store or perform any operation on personal data of people living in the EU even if you don’t reside in a European country.
Your EU customers and subscribers:
- Can ask about personal data, how and why it is being used at any time.
- Can request a copy of personal information at any time.
- Can update (or request updates to) personal information at any time.
- Can request that you erase their personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
- May unsubscribe from any of your emails at any time.
What you should do before 25 May 2018
- Create or update your privacy policies
- Get explicit consent from your subscribers
- Document and communicate a process for data requests from clients and subscribers.
- Keep comprehensive records of how you collect personal data.
https://www.eugdpr.org, http://newsroom.fb.com/news/2018/04/new-privacy-protections/, and https://blog.aweber.com/email-marketing/your-gdpr-email-marketing-playbook-how-to-prepare-for-the-new-eu-data-law.htm?id=336470