What is GDPR and How Will It Impact U.S. Businesses?

What is GDPR

By Michelle Glennie, The Partner Marketing Group


Think the GDPR only applies to European-based companies? Think again. This groundbreaking E.U. data security law is causing a cascade of changes to global business. you might be wondering – What is GDPR? Does GDPR apply to U.S. companies too? Should you be doing something to protect your business? We’ve listed a lot of great resources with answers for our software technology clients in this article.

What is GDPR?

The GDPR, or General Data Protection Regulation, takes effect in the EU on May 25, 2018. Some tech experts are calling it the greatest change in data regulation in 20 years because of its legal severity and potential for far-reaching effects. Just one misstep could cost your company a staggering 2% of global revenue in fines.

The law was basically enacted to protect privacy and ensure consent for data collection and distribution. It centers around the E.U.’s hot-button topic known as the “right to be forgotten,” or protection from the internet’s long-lasting archive of false and damaging information.

Does the GDPR Really Affect the U.S.?

In a word, yes. The GDPR does impact U.S.-based businesses, so don’t make the mistake of assuming otherwise. Here’s why.

In the spirit of shielding people from reputational damage, the authors of the GDPR had to look at how online data is collected in the first place. What they found was a widespread pattern of companies around the world – not just in the E.U. – gathering personal information and behavioral data about their citizens, without consent.

For this reason, Article 3 of the GDPR states that if a company collects data from someone in an E.U. country, it is subject to the requirements of the GDPR regardless of the company’s location. To be crystal clear: If your U.S.-based tech business collects any bit of personal data from an E.U. citizen, the GDPR applies.

But We Don’t Have E.U. Customers

If you don’t do business with E.U. buyers, you might think you’re in the clear. But consult with your IT director, marketing director, and data management company before letting your guard down.

The GDPR clarifies that a financial transaction does not have to take place to fall under the rule. Victims don’t have to be your customers. Collection of personal data, known in the U.S. as PII or personally identifiable information, is the GDPR’s central focus.

So let’s say, for example, you did an internet survey asking people – customers, non-customers, random site visitors – for feedback about your website. If, while taking the survey, E.U. residents provided information about their gender, age, education level, country of origin, or a wide range of other basic demographic info, the GDPR applies.

OK, so maybe you never requested demographic info, but just asked about peoples’ likes and dislikes. Even if an E.U. citizen just checked a box that said, “I enjoy reading tech news,” it would be defined as information about personal interests and fall under the GDPR. The E.U. has a broad definition of behavioral data.

Rethink Required Fields and Freebies

Some companies are realizing they’ve been collecting this kind of data about E.U. residents without giving it much thought. One common example is the info gathered for free trials and free content.

Does your tech company have a required field, like an email address, before people can read a free eBook, download a whitepaper, or try out a basic version of your service? If so, an E.U. resident may have given you personal information that’s expressly covered under the GDPR.

Now What?

To keep your company covered, you’ll need to implement some new policies and procedures. It’s time to update across platforms, because GDPR requires consent to be “freely given, specific, informed, and unambiguous.”

After collection, you’ll have to keep data protected under GDPR guidelines and notify regulators within 72 hours of a potential breach. Failure to do so brings thousands – even millions – in fines. GDPR regulators will take 2% of your global revenue per incident.

Some pessimistic tech experts say the authors of the GDPR are likely interested in making a high-profile example of a U.S. business that fails to comply. Don’t let it be your company.

Here is a list of free GDPR resources to get you started.

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Posts
07 Feb 2019

2019 Social Media Image Size Guide – Download and Print

Written by: Michelle Etherton, The Partner Marketing Group
This 2019 Social Media Image Size Guide will be your best friend.
Social media is one of the top marketing tactics for B2B marketing, and it’s no secret that visuals are the most effective way to capture attention on any social platform. Admit it, you scroll through

Latest Posts
15 Jan 2019

Want to Sell More Software? 3 Reasons to Start Targeting the CMO

Written by: Michelle Glennie, The Partner Marketing Group
With the customer experience driving digital transformation, software partners must shift their sales and marketing approach if they want to sell more software. The CMO is the strategic force behind customer experience and, therefore, an important decision maker for software purchases.
So where should you start? When

Latest Posts
08 Jan 2019

Top 5 Technology Marketing Blogs of 2018

Written by: Michelle Etherton, The Partner Marketing Group
The start of a new year usually brings about countdowns of favorites and chart-toppers over the past year, and marketing is no different! What were the hottest technology marketing trends and topics in 2018?
Based on our top performing articles over the past year, we’ve brought you

Latest Posts
10 Dec 2018

Nurture Marketing Series 4 of 4: Trial Nurture Marketing Campaign Best Practices for B2B Companies

Written by: Barbara Pfeiffer, The Partner Marketing Group
Through this series, you’ve learned what nurture marketing is, how to create a drip nurture campaign to stay top of mind and how to move a prospect through the sales process with trigger based nurture marketing campaigns. Now we will walk through how you can create trial

Latest Posts
10 Dec 2018

Nurture Marketing Series 3 of 4: Trigger Based Campaign / Lead Nurturing Best Practices for B2B Companies

Written by: Barbara Pfeiffer, The Partner Marketing Group
What is lead nurturing? How do you create a trigger marketing campaign? In the past two blogs of this series, I’ve shared the different types of nurture marketing with a deeper dive into drip nurture and now I’ll help you through lead nurture best practices.
As I