GDPR - Should Indian Bloggers & Startups worry about this?


#1

We have been talking a lot about GDPR, but it might be confusing sometimes because it’s been months since we (India) implemented GST (Goods and Services Tax), but yet, most of us don’t know what exactly it is. But, don’t worry, let’s take a small look at what GDPR is:

  • GDPR stands for “General Data Protection Regulation.”

  • It’s the replacement for “Data Protection Directive.”

  • It’s a legal act in European Union law on privacy and data protection.

This might be a bit strange since we are all talking about GDPR right after the Facebook–Cambridge Analytica data scandal, but it’s much more than that.

GDPR is for EU - European Union - which consists of 28 member states like France, Germany, Italy, United Kingdom, Spain, etc. But, the hard truth is, it’s not limited to these 28 states alone.

GDPR - General Data Protection Regulation

If you are running a startup or business in India and if you are collecting personal data about a random guy/girl in EU, then you are automatically a part of this whole act.

But, what’s data here? A good question, but it’s complicated, what does Facebook collect from you?

What happens if I breach GDPR?

There will be a fine up to €10 (or €20) million (Euro) or up to 2% (or 4%) of the annual worldwide turnover (Whichever is higher). Your deadline is on May 25th, 2018.

Can I block EU Traffic and stay Safe?

That’s actually smart, but that’s not safe. What about the existing data you collected? The ones you have on your Newsletter? The ones you have on your forum? The ones who wrote guest articles on your blog? I don’t know the answers to these either.

What should I be doing?

Heard of these pages - “Privacy Policy,” “Disclaimer,” and “Terms of Service (ToS)”?

You just need to be transparent with your visitors, members, users, customers, etc. about the kind of data you collect knowingly and unknowingly. What you will do with that. What you won’t do with that. They should have the control to permanently delete all the data you received so far.


This is my basic understanding, I tried to convey this in layman’s terms aka simple words. If you are running a large-scale business in India with customers/audience all over the world, then you need to take this way too seriously. I’m preparing a template, or like a format, I’ll share that here soon. :’)

Let’s talk about GDPR? What are your thoughts about this?


#2

Here are the things you should take care of:

  1. List of Personal Information you collect.

  2. What you do with that Personal Information.

  3. Do you share that Personal Information with anyone?

  4. Do you use that Personal Information to display targeted ads?

  5. The exact date of the policies you publish or update.

  6. Proper contact information there.

  7. A particular notice to European residents. Their rights to access/delete/modify their Personal Information you collected.

I believe these are the 7 key points you should keep in mind apart from the standard policies for online services. Take this seriously, consult with your legal lawyers (if you have one), and do let us know if you have any queries.

Shopify has a Privacy Policy Generator. It’s pretty decent, but I would suggest you use this only to get an idea about how it should look; don’t copy the exact thing.


#3

Super bro! What about YouTubers? Will it have any impact on us when we use our affiliate links in the channel description?


#4

I don’t really have an idea regarding this, but it’s best to have a “Privacy Policy” for your Channel or Brand stating all these. It could be hosted by Google or YouTube, but at the end of the day, it’s yours.


#5

Jetpack also provides a tool for generating Privacy Policy for your Blog.

If you are a WordPress user, update your install to the latest version and go to: Settings > Privacy

They also have a “Privacy Policy Guide,” you can have a look at them and follow all the necessary points:


#6

GDPR is an amazing thing that will make PII more secure and help brands establish trust. I have created a complete guide which I followed to be GDPR compliant for my blog.

If anyone has questions about GDPR, hit me up; I will try to help you to the best of my knowledge.


#7

A correction, bro. The fine is not 2%; it’s up to 4% of annual turnover.
One must not ignore this issue, as EU nations are just getting started.


#8

Thanks @pawanpepz bro, I didn’t mention this difference.

(Source: MoneyControl.com)


#9

So do you have any template ready for privacy policy (in compliance with GDPR) for forums like this? Because my guess is that forums collect much more data than a normal blog. So having a new privacy policy for forums is even more essential.


#10

That’s right @thegurjyot, thankfully Discourse took care of that. We collect information only to keep track of the users and send them occasional emails. We don’t use Google AdSense or any similar ad networks at the moment. You can use the same one you use for your blogs, more or less.