GDPR Policy: Its Impact on Brands and Benefits to Consumers

- Published: 07 May 2018
GDPR Policy: Its Impact on Brands and Benefits to Consumers

Online activities generate data that can be collected, stored, and shared. Shopping online, interacting with social media, installing mobile apps – all these actions leave a trail of data. Depending on the consumer’s location, these practices have remained largely unregulated – until now.

Starting May 25th, all businesses that engage with European citizens must adhere to new data privacy practices in Europe. The General Data Protection Regulation (GDPR) will replace the European Union’s previous data directive governing consumer data collection, storage, and usage, and aims to give consumers more protection and greater control over their personal data. One misconception about the GDPR is that it only impacts the 28 European Union countries. The regulation’s reach extends not only to European countries but also to countries outside the EU hoping to transact with European consumers.

Consumers will have more confidence in the privacy of their data. Brands must provide additional safeguards and processes to protect their consumers.

So, what’s the big deal?

Under the GDPR, potentially crippling fines – up to €20 million or 4% of global revenues, depending on what’s greater – will be levied against businesses that fail to comply with the new law. While all companies are vulnerable, those with poor data-protection practices or those that incur data breaches due to their own negligence are particularly exposed.

The GDPR will have sweeping implications around the world, and Europe isn’t the only geography bolstering data protection laws. Canada and Australia are in the process of revamping their privacy rules, too, with other countries following suit. More than two-thirds of US companies believe the new laws will force them to rethink their strategies in Europe – and 85% expect European companies will be better equipped to address the regulations and, as a result, will wield a competitive advantage.

A consumer bill of rights

Think of the GDPR as a kind of consumer bill of rights governing data use. Under it, consumers have a variety of rights:

  • They must be able to access their personal data, know what is being collected and used by companies, and why.
  • Consumers “own” their information. Data accumulated on a consumer cannot be sold to third parties.
  • Companies must protect an individual’s IP address or cookie data with the same rigor as a name, address, and Social Security number.
  • Consumers have the right to request that their data be transferred to another business.
  • They may demand that any personal data be erased at any time from companies and third-parties.
  • Companies must create new systems that put privacy first – not as an afterthought. Companies will be allowed to collect, store, and process information only if it is verifiable necessary.
  • Mandatory data breach notifications must be sent to individuals within 72 hours, including any event that risks the rights and freedoms of individuals.
Elastic Path has developed business user-friendly tools that enable you to configure, manage and enforce your data policies. To learn how we can help, visit The post The GDPR: Its Impact on Brands and Benefits to Consumers appeared first on Get Elastic Ecommerce Blog.