I get asked daily about the GDPR, and if we should be worried and what we should do … I collected some easy to understand information and few very very useful articles i hope everyone can take a look and kinda relax a little bit 🙂
So Should you bother about GDPR ? What is GDPR ? what Does it mean to none EU Businesses ?
First, Stop freaking out ppl !Like most things they are almost certainly going to focus on going after those who are blatantly violating people’s privacy on a large scale. So I wouldn’t worry too much …
The GDPR is an EU zone based Law, Not EU individuals outside the EU Zone, otherwise this becomes impossible to control and Clashes with Local laws of residing countries.
BUT Australia’s Privacy and Information Commissioner Timothy Pilgrim Explained: ” The laws do not stop at European boundaries, however, with those in the rest of the world, including Australia, bound by the GDPR requirements 👉 if 👈 they have an establishment in the EU, 👉 if 👈 they offer goods and services in the EU, or 👉 if 👈 they monitor the behavior of individuals in the EU. ”
And : ” Anyone in Europe is covered and it’s not just citizens either … 👉 if 👈 you’re in Europe and subject to some heinous data protection issue, then you’re covered by the GDPR ”
Some Australian businesses covered by the Australian Privacy Act 1988 (Cth) (the Privacy Act) (known as APP entities), may need to comply with the GDPR 👉 if 👈 they:
• have an establishment in the EU (regardless of whether they process personal data in the EU), or
• do not have an establishment in the EU, but offer goods and services or monitor the behavior of individuals in the EU
The GDPR also applies to the data processing activities of processors and controllers outside the EU, regardless of size, 👉 where 👈 the processing activities are related to:
• offering goods or services to individuals 👉 in the EU 👈 (irrespective of whether a payment is required)
• monitoring the behavior of individuals 👉 in the EU 👈 , where that behavior takes place in the EU (Article 3)
So it’s pretty tricky Yes!! … Few Tips from major Data Controllers:
Update Your Privacy Policy, Install a banner on your site for EU visitors only advising you use cookies (if you do), For EU Visitors, You can Redirect to a different Landing Page and add a small consent and explain what you are collecting “name end email only” if your Form is asking just for that, Explain that they can unsubscribe and modify their details anytime ( all autoresponders have this included already) , And most people dont go through the details, just like how 99% never read terms and conditions of any site, service, product … extra
To Make it easy guys, Take a look at Aweber’s optin form and it’s GPDR compliant :
Simple right ?
A Good Example Aweber Used also:
Another common question people have is this: Do I need to have double opt-in (aka confirmed opt-in) now with the GDPR?
You don’t need to have double opt-in to be compliant with the GDPR. You can still use single opt-in and be compliant if you can prove informed consent in another manner as seen above.
Conclusion, The bigger Part lies on the Data Controllers, Autoresponders, Facebook extra and they all have taken measure to comply …In the End of the Day , if we are using data responsibly; NO spamming, we have a consent on our optin Form & we have a Clear easy access unsubscribe link in our emails, We should be hopefully okay 🙂
Cheers …
PN: This is Not a Legal advise by any form, this is a collection of data as i understand it and i’m only providing a guide and a personal opinion, if you still have doubts, consult a legal person to advise you 🙂
Sources:
