The Blog Lawyer

GDPR is Coming……………Are You Ready?

May 9, 2018 by Mark

 

**

What the Heck is GDPR and Why Should I Care?

If you’re a blogger, chances are pretty good that you’ve heard about the “GDPR” at some point in the last few weeks/months. The chances are also pretty good that you don’t really know what it means, don’t know how or if it applies to you, or what to do about it. It can be very confusing and many bloggers are feeling a bit overwhelmed. However, not knowing about the GDPR is no longer a viable option moving forward because it’s about to take effect and what you don’t know can definitely hurt you.

Have no fear (o.k., maybe a little fear but we’ll work on it) and hang on for the ride. This is the first in a series of posts on the GDPR that will help you get up to speed.

What is the GDPR?

The General Data Protection Regulation (“GDPR”) is a legal framework designed to enhance personal data protection and privacy for all citizens of the European Union (“EU”) and Switzerland. It also addresses the export of personal data outside the EU to other countries like the United States of America. One important goal of the GDPR is to give EU citizens more control over their personal data and to simplify the regulatory environment for international business by unifying privacy protections within the EU. Two years in the making, certain data protection provisions of the GDPR become enforceable on May 25, 2018.

Does the GDPR Apply to Me?

If you collect or store or process personal information or data (think name, email address, phone number, IP address, etc.) from people who live in the EU or Switzerland, the GDPR applies to your collection and use of that personal data. This includes personal data stored in cookies, used for email or newsletter lists, marketing communications, payment information, etc. Basically, as defined under EU law, personal data means “any information relating to an identified or identifiable natural person” that can be used to directly or indirectly identify someone.

Why Does it Matter?

Failure to comply with the provisions of the GDPR can lead to hefty fines. Even though you don’t live in the EU, you can still be fined. The US government and the EU have already negotiated various cooperative agreements for enforcement of the GDPR and more are in the works. Additionally, international courts are increasingly and more aggressively looking to force US companies to comply with the more stringent data privacy rules found in the EU.

What Does the GDPR Require?

The GDPR requires you to treat personal data with respect and to be responsive to inquiries and instructions from the individual identified by the personal data. Some of the specific requirements are listed below (this is not a complete list, but it’s a good start).

In practical terms, under the GDPR, you must:

  1. Get permission to collect all personal data before you collect it.
  2. Only collect the personal data that is necessary.
  3. Be completely transparent in how you will use the personal data that you collect.
  4. Store and process the personal data in a secure manner.
  5. Allow a person to review the personal data you have about them.
  6. Delete personal data upon request of the person identified by the personal data.
  7. Promptly report any data breach involving the personal data.
  8. Be subject to third party review of your use (or abuse) of personal data.

So, here are a few tips to get started with GDPR compliance.

Don’t

  1. Panic. Seriously, keep calm and say to yourself, “I can do this.” Because you can.
  2. Stick your head in the sand and hope it goes away. GDPR is not going away, so the sooner you understand it and get your proverbial ducks in a row, the better.
  3. Pretend it doesn’t matter. It does. You’re not likely to get hit with a fine on May 28 but you should do everything you can do now. Waiting won’t make it better.
  4. Keep on doing things the way you always have. The world is changing all around us. Data privacy is kind of a big deal, especially in the EU. If you want to build success in the blogging world, you need to understand and follow the rules.

Do

  1. Start to assess the data you collect. You need to understand exactly what kind of data you are gathering from your followers/customers/clients. Where did it come from? How did you get it? How is it stored? Where is it stored?
  2. Identify and review service provider contracts. Every service provider that you share personal data with needs to be identified and the contracts that you have with them will need to be reviewed and updated for compliance with the GDPR, if necessary. This includes contracts with web hosting providers, affiliate partners, payment processing companies, etc.
  3. Review and revise your privacy policy, if necessary. Your privacy policy will likely need to be revised to be compliant with the GDPR. The GDPR requires that certain language be included in your privacy policy.
  4. Get help if you need it. The GDPR is a new thing and it probably seems a bit overwhelming. There are people out there who can help. If you don’t know what to do, find someone who does.

Remember – Be Smart. Be Legal.

 Disclaimer – Yes, I’m a lawyer, but I’m not your lawyer. All information in this post is provided for educational purposes only and should not be considered legal advice for any specific person or any specific situation.

 

** Photo Credit – By Stéfan Le Dû from Nantes, France – This way. Or maybe this way. Wait. No. This way. Uploaded by Chime, CC BY-SA 2.0, https://commons.wikimedia.org/w/index.php?curid=9528894


Comments

  1. Anonymous says

    May 21, 2021 at 6:44 am

    nice thanks for sharing information
