Tuesday May 21, 2019
In 2018, the General Data Protection Regulation (GDPR) came into effect. The law was enacted several years ago by the European Union (EU) and increased the regulations on online data collection and protection for all European Union citizens and European Economic Area (EEA) citizens.
How does the GDPR affect businesses in the US?
Keep reading to see why US-based businesses still need to comply with the GDPR!
What's the run-down on the GDPR?
The GDPR covers a wide range of business processes and procedures. Even though there's no "one size fits all" answer to complying with the GDPR, here are some things you need to know:
- It protects the online data of all EU and EEA citizens.
- It applies to any organization from any country that processes the personal data of EU citizens.
- It fines GDPR violators up to €20 million or 4% of annual global turnover at the time of this writing.
That means that if your website is accessible in the EU and you're not complying with the GDPR, you could get stuck with a hefty fine.
Most of the GDPR requirements relate to internal company procedures that do not specifically relate to your website, CRM, or anything else that involves your AllProWebTools account. However, some requirements of the GDPR do involve your use of AllProWebTools.
The following questions will help you understand what to do next:
1. Do you do business with anyone in the EU?
If you're a US-based company that only does business in the US, we recommend that you restrict access to your website so that it is not accessible to anyone in the EU. Learn more about the AllProWebTools Access by Country feature and how it can increase your protection from the GDPR.
2. Have you consulted with your legal counsel to determine how to comply with the GDPR?
Features to Help You Comply with the GDPR
SSL Certificates
SSL secures the connection between your website and your customer so no one else can see the information that's being sent. AllProWebTools offers free SSL certificates to its subscribers.
To access SSL certificates, you must be using AllProWebTools to host your website. Next, be sure you're using the AllProWebTools DNS service.
Right to be forgotten
When customers request to be forgotten and have all their data erased from your system, deleting their contact in the CRM isn't enough. You'll need to contact our Support Team to properly remove all stored personal information from that customer.
We will be adding a feature to automate this process in a future version, so we'll keep you updated when it's available!
Data breach response
We hope these tips have helped you understand the GDPR and how you can comply with it. Non-compliance with the GDPR can be costly even for American companies, but with AllProWebTools, you have the tools you need to protect yourself!