While we can’t offer legal advice specific to your business, we’ve put together a summary of the major changes introduced by the GDPR and what business should keep in mind in order to comply.
The purpose of the GDPR is to better protect the privacy and personal data of EU citizens. This is achieved through a set of “data subject rights” and requirements which organisations must uphold.
Some key areas that businesses must consider include:
From data sharing to database marketing, what was once considered “business as usual” is now tightly regulated to ensure that customers have full transparency and control over their personal information.
Besides ensuring your own conduct is kept in check, business owners must also evaluate whether a third-party vendor is GDPR-compliant before sharing customer data with them. As the data controller, you would be liable for any penalties that arise if that data is used unlawfully.
We recommend all our customers enhance their GetTerms.io documents with the help of professional legal advice, to get a tailored roadmap to GDPR compliance.