Overview of GDPR and how it affects small business owners in the US. With specific links and resources for businesses with e-commerce websites and those running WordPress and WooCommerce.
What is GDPR?
General Data Protection Regulation (GDPR) definition: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
The regulation was created to protect privacy for all individuals within the European Union and European Economic Area.
The regulation requires that personally identifiable information being collected about individuals inside the EU be processed and stored to protect the data privacy.
- Information must be stored using pseudonymization or anonymization.
- Data is not available publicly without explicit consent.
- Consent to use data can be withdrawn by the consumer at any time.
- The processor of data must clearly disclose what data is being collected; how it being collected; why it is being processed; how long it is being retained and if it is being shared with third-parties.
Who does this affect?
This applies to any online business that collects and stores personally identifiable information from individuals or entities in the EU.
How this might affect Web Savvy Marketer customers:
- If you have an e-commerce store and sell to customers in the EU
- If you collect personal data from EU customers for any reason
- You can not send unsolicited emails to anyone. You can not purchase lists, or merge lists from different companies into your list.
- You can not auto email from abandoned shopping carts, unless the shopper has opted in for email.
Actions steps to take if GDPR affects you
- Make sure your website has an SSL certificate installed so data collection/storage is encrypted
- Remove all automatic opt-ins on your website, get a clear consent prior to collecting data
- Set up process to delete user information upon their request
- Set up process to monitor for potential data breaches and notify users if their data has been affected by a breach
- Review your mailing lists for compliance
For more detailed information please review the following resources:
- Get a quick overview with this Infographic: http://ec.europa.eu/justice/smedataprotect/index_en.htm
WordPress related information:
- Good overall resource in clear language with specific information on what to include in privacy policies and recommendations for data collection. https://www.willows-consulting.com/gdpr-for-ecommerce/#
- Woocommerce websites: https://woocommerce.com/2017/12/gdpr-compliance-woocommerce/
- Additional Woocommerce resources: https://woocommerce.com/gdpr/