NEW YORK – As you are probably well aware due to the number of emails you are receiving, by next Friday, May 25th, 2018, the EU General Data Protection Regulation (“GDPR”) will go into full effect. You should be preparing to update your Privacy Policy even if your site does not target EU users.
I wanted to share what I have learned so far as I prepare to update some of my United States websites. I urge you to seek out your own advice and counsel on what to do to bring your sites into full compliance with the GDPR. If you do not target the European Union at all, you might be able to get by with just some very minimal changes to your site's privacy policy, such as identifying that your service is maintained, operated and entirely focused on United States users. However, you must seek your own legal advice; I am only sharing what I have learned from those in the legal space upon asking.
We have recently counseled clients on the applicability of the GDPR to their businesses and suggested modifications to existing privacy policies. If a business (the “controller” under the GDPR) is not established in the EU, it only has to comply with the GDPR if it explicitly targets EU data subjects (people in the EU). One factor to determine whether a site targets the EU is whether the site is in a language of an EU country and that language is not the official language of the jurisdiction of the website. Another factor includes whether or not you are selling services to EU residents.
- Intellectual Property Attorney
In other words, if you are based in the United States and your site caters to, or even offers translation service or functions for EU territories, or offers different versions of your site to users in EU territories, or allows registration or signup ability to users in EU territories, you need to revise your privacy policy, add clear opt-ins for all your marketing emails, and possibly need data processing agreements with some of your US-based processors.
A legal team could help you comply if you do target those users, but you could also choose to change your business practices to avoid the application of the GDPR to your business (like not offering the website in different languages, not offering the website in these territories, or gauging the amount of sales/traffic in the EU to see if selling there is necessary at all).
I recommend you prepare an update to your Privacy Policy as soon as possible, even if your site does not target EU users, by specifying this in your privacy policy, as I will also be doing in the next few days. I’ve also been getting rid of any EU-related content from my sites, as it is not relevant to the majority of my services and will limit liability and limit opportunity to even serve these regions.
IMPORTANT: Again, I am only offering information based on what I have recently learned in my own searches for preparation and actions to implement, and as such, the above is certainly not legal advice, and is more of an opinion, on how to properly prepare your own business or your own website on GDPR compliance. I hope that it is helpful to some website operators in the United States.
About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a "how to" book called "Mastering Your Website", and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®.