Not sure what privacy regulations like GDPR mean for your business? Check out the questions below to learn more about this groundbreaking regulation, including:
- Does GDPR apply to my business?
- What happens if we’re not in compliance with GDPR?
- How do we get–and remain–compliant to protect our business and our consumers?
What is the General Data Protection Regulation?
The General Data Protection Regulation (or GDPR) is a data protection law that requires businesses to abide by privacy laws protecting the personal data and privacy of all individuals in the European Economic Area (EEA).
Even though GDPR was drafted and passed by the EU, it also covers the transfer of personal data outside of EU countries. This means that the law also affects any company doing business with or processing the personal data of Europeans, regardless of that company’s location. Organizations across the globe can be fined if they fail to meet security standards or violate an EU resident’s privacy. Fines are hefty and can severely damage brand reputation and customer loyalty.
What constitutes personal information under GDPR?
- Basic identity information such as name, address and ID numbers
- Web data such as location, IP address, cookie data and RFID tags
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinions
- Sexual orientation
You read that right. Even the IP address of a website visitor is considered personal data under GDPR. If your website has any analytics, log files, or IP address storage for even one single European visitor, you likely need to comply with GDPR.
What happens if my business is not compliant with GPDR?
Penalties for GDPR violations are significant, providing fines of up to 20 million euros or 4% of global annual revenue, whichever is higher, for those found in non-compliance. As of October 2020, the EU has issued over 422 fines.
I’m a small business owner – do I really need to worry about GDPR compliance?
Many small businesses feel that they are simply too small to attract the attention of regulators, but unfortunately, “hiding in the herd” is no longer an option. The EU authorities have fined businesses as small as local stores. Think of Switchbit’s consent management tool like an insurance policy: You won’t know how badly you needed it until it’s too late. Switchbit checks all the requirement boxes for GDPR for you, removing all barriers to compliance.
My business is located in the US – do I still have to worry about GDPR?
Yes. Even companies not located in the EU can be subject to GDPR if the company targets individuals in the EU by offering them products or services, or monitors their behavior, as far as that behavior takes place in the EU.
What do I need to do to get compliant?
If you want to be confident your website is compliant, sign up for Switchbit today. Switchbit is a data privacy and consent management platform that helps websites obtain immediate compliance with all global privacy laws (not just GDPR!) Get compliant today and stay that way forever. Sign up now for as low as $30/month. No credit card required.