What Non-EU Consumers Should Know About the GDPR

Have you noticed a sudden uptick in privacy policy updates recently? Have you seen references to 25 May, 2018 and wondered what was going on? Maybe you have received email newsletters asking you to confirm you still want to receive the newsletter. And suddenly every website you visit is warning you about cookies. And I don’t mean the delicious kind that can expand your waistline. I mean that one up at the top of this page.  Say hello to the GDPR.

woman shopping on computer with text "What Consumers should know about the new GDPR even if they live outside of the EU."

 

 

GDPR, say what now?

The General Data Protection Regulation is a new law in the European Union regarding electronic data collection and storage that goes into effect on May 25, 2018.

And it is a good thing.

All countries in the EU now have one set of rules for dealing with electronic data. They are trying to protect the individual and his data.

Among the many provisions:

  • privacy policies have to be in simple language not legalese
  • companies have to tell you why they need data from you and what they are going to do with it
  • you must give consent for your data to be used
  • if you tell a company to erase your information they have to do it
  • if there is a data breach they have to notify authorities in 3 days.

Failure to do so means hefty fines for the companies.

But I am not in the EU so am I being effected?

The laws only protect EU citizens and residents, but….

Companies have the choice to apply one set of rules for those living in the EU and one for everyone else or just make the changes for everyone.

Hmmm. Which one do you think they are going to chose?

Think of it like GMO labels in the United States. A handful of states require that anything made with genetically modified ingredients be labelled. Is General Mills going to slap a label on every box of cereal or only those sold in the areas that require it.  Ain’t no one got time for that.

Large American companies like Google, Microsoft, Apple, etc. that do business throughout the world are updating their policies and procedures to make sure data is safe for all of their customers regardless of where they live.

Even small American bloggers like me, with just an occasional visit from a resident of the EU (“bienvenu” if that’s you), are still updating our privacy policies, adding cookie notices and deciding what information we really need to gather. We may be over-reacting, but most of us are just trying to do what we think is right.

What Consumers should know about the new GDPR even if they live outside of the EU. #onlineshopping #onlinesafetyClick To Tweet

Did you say cookies are bad?

Eating too many cookies can be bad for your health. But, electronic cookies can actually be handy little bits of code.

Say you see this pin for my King Size Brookie recipe and you click through to my site because it looks amazing (because it is!).

King Size Brookie - half brownie, half chocolate chip cookie, baked in a cast iron skillet. Doubly delicious chocolate dessert.

When you try to leave my site, a pop up window asks if you are interested in receiving recipes via e-mail plus get a few ecookbooks for free. Whether you chose yes or no, a little bit of code is left on your device.

The next day when you are ready to make the recipe and come back to the site, the pop up program sees the cookie and says “This person has already seen this so I won’t bug them again.” Nice.

Ad companies use cookies to show you online ads they think you will like. Have you ever searched for something like “travel to Tahiti” and suddenly you see hotel and airline ads on every website you visit? Those are cookies at work.

Some people like the personalization, some feel their privacy has been invaded.

I am a blogger, what do I need to do about GDPR?

Use you favorite search engine and type in “GDPR for bloggers”. Even if you are not in the European Union you may still want to take action.

I am an Internet User that doesn’t have a blog or store anyone else’s data electronically, what do I need to do?

Nothing.

Depending on where you live and what online companies you visit determines how much you are protected by the new legislation.

But, other than occasionally checking some extra “opt-in” boxes and having to delete a slew of privacy notices you don’t need to do a thing.

Except, maybe bake some cookies, because I bet you are craving them now.

Related Post

4 comments

Skip to comment form

  1. This is not completely correct. If someone from the EU visits your blog you need to be compliant. Why? If you have comments, contact forms, Google Analytics, do a backup, provide an optin, use Cloudflare or a cache system. Have gravatars in your comments, show ads, have social media share vuttons they are collecting data. It isn’t just a cookies notice or email. There are over 600 services I have seen and who knows how many I haven’t seen? You also have to allow users to receive the data collected for thier view. If they want it all deleted, you have to prove you did. They have to consent before they evn read your blog. The fines are 4% or your annual earnings or 20 million L. You have to have the check box on your email subscribe form. You are also required to have a privacy policy disclosing every way you collect data, ands that can include any plugin you have as well 3rd party companies. And I don’t know what else.

    WordPress is releasing a new version on May 15 to help make this easy and prvode a checklist for all you need with proprer legalease. There is NO one size fits all plugin or answer for each blog. What they collect can be very different from one to another. You may need more than WP provides but they will give you questions and you need to decide.

    I have no clue about any other CMS. You need to check with them. But don;t panic. As the time nears more information and help to be compliant will be available. This is a wonderful source to get trusted information. And the required information may be applicable to other than WP. https://blogaid.net/wordpress-4-9-6-new-gdpr-tools/

    This is based on what I have researched and questions I had answered by different entities I use. I am not a lawyer or internet expert. This information changes daily and by blog.

    1. Thanks for your insights Marilyn, but this is not a post for bloggers.

      This is for all of those readers out there that have no clue what companies (including us bloggers) are going through to try to be compliant.

      The average internet user does not need to do anything.

      The onus is on us to protect their data.

  2. Very good answer! And boy, have I seen an uptake just thisd weel on the email update messages.

  3. You are so evil! Yes! I am totally now craving fresh baked chocolate chip cookies!!!! Ackkkkk!
    oh and btw–fantastic article.

Leave a Reply

Your email address will not be published.

%d bloggers like this: