We have been talking a lot about GDPR, but it might be confusing sometimes because it’s been months since we (India) implemented GST (Goods and Services Tax), but yet, most of us don’t know what exactly it is. But, don’t worry, let’s take a small look at GDPR is:
GDPR stands for “General Data Protection Regulation.”
It’s the replacement for “Data Protection Directive.”
It’s a legal act in European Union law on privacy and data protection.
This might be a bit strange since we are all talking about GDPR right after Facebook–Cambridge Analytica data scandal, but it’s much more than that.
GDPR is for EU - European Union - which consists of 28 member states like France, Germany, Italy, United Kingdom, Spain, etc. But, the hard truth is, it’s not limited to these 28 states alone.
GDPR - General Data Protection Regulation
If you are running a startup or business in India and if you are collecting personal data about a random guy/girl in EU, then you are automatically a part of this whole act.
But, what’s data here? A good question, but it’s complicated, what does Facebook collect from you?
What happens if I breach GDPR?
There will be a fine up to €10 (or €20) million (Euro) or up to 2% (or 4%) of the annual worldwide turnover (Whichever is higher). Your deadline is on May 25th, 2018.
Can I block EU Traffic and stay Safe?
That’s actually smart, but that’s not safe. What about the existing data you collected? The ones you have on your Newsletter? The ones you have on your forum? The ones who wrote guest articles on your blog? I don’t know the answers for this too.
What should I be doing?
You just need to be transparent with your visitors, members, users, customers, etc. about kind of data you collect knowingly and unknowingly. What you will do with that. What you won’t do with that. They should have the control to permanently delete all the data you received so far.
This is my basic understanding, I tried to convey this in layman’s terms aka simple words. If you are running a large-scale business in India with customers/audience all over the world, then you need to take this way too seriously. I’m preparing a template, or like a format, I’ll share that here soon. :’)
Let’s talk about GDPR? What are your thoughts about this?