GDPR is the EU General Data Protection Regulation, approved by the EU Parliament in April 2016 with an enforcement date of 25 May 2018. It replaces the existing Data Protection Directive.
But why should you care? And why should every country, including those outside the EU, care?
This regulation is being put in place to protect EU citizens, which means that all companies or organizations holding or managing data from EU citizens have to be compliant with this regulation.
The regulation touches a group of strategies and tactics used by everyone in the digital space, guaranteeing that end users are aware of how their data is being used and making sure explicit consent is provided. Another of its many key items is the "right to be forgotten". Here are some of the tactics that the GDPR puts under the microscope:
- analytics
- profiling
- marketing communications (e.g. emails)
- privacy, terms & conditions statements
- data retention policies
- even tactics like cookies and pixel tracking initiatives need to be reviewed
Fines for companies that are not compliant are up to 2% of the worldwide annual revenue of the prior financial year.
If you want to know more about it, we recommend going to:
- GDPR official site: EU-GDPR
- How GDPR will change the way we develop: Article-GDPR-and-development
- Opinion article regarding Facebook pixel tracking and GDPR (the same would apply for other pixel tracking executions): Facebook-pixel-tracking-Opinion
- When can we rely on Legitimate Interest from ICO UK website