Think the GDPR only applies to European-based companies? Think again. This groundbreaking E.U. data security law is causing a cascade of changes to global business. you might be wondering – What is GDPR? Does GDPR apply to U.S. companies too? Should you be doing something to protect your business? We’ve listed a lot of great resources with answers for our software technology clients in this article.
The GDPR, or General Data Protection Regulation, takes effect in the EU on May 25, 2018. Some tech experts are calling it the greatest change in data regulation in 20 years because of its legal severity and potential for far-reaching effects. Just one misstep could cost your company a staggering 2% of global revenue in fines.
The law was basically enacted to protect privacy and ensure consent for data collection and distribution. It centers around the E.U.’s hot-button topic known as the “right to be forgotten,” or protection from the internet’s long-lasting archive of false and damaging information.
In a word, yes. The GDPR does impact U.S.-based businesses, so don’t make the mistake of assuming otherwise. Here’s why.
In the spirit of shielding people from reputational damage, the authors of the GDPR had to look at how online data is collected in the first place. What they found was a widespread pattern of companies around the world – not just in the E.U. – gathering personal information and behavioral data about their citizens, without consent.
For this reason, Article 3 of the GDPR states that if a company collects data from someone in an E.U. country, it is subject to the requirements of the GDPR regardless of the company’s location. To be crystal clear: If your U.S.-based tech business collects any bit of personal data from an E.U. citizen, the GDPR applies.
If you don’t do business with E.U. buyers, you might think you’re in the clear. But consult with your IT director, marketing director, and data management company before letting your guard down.
The GDPR clarifies that a financial transaction does not have to take place to fall under the rule. Victims don’t have to be your customers. Collection of personal data, known in the U.S. as PII or personally identifiable information, is the GDPR’s central focus.
So let’s say, for example, you did an internet survey asking people – customers, non-customers, random site visitors – for feedback about your website. If, while taking the survey, E.U. residents provided information about their gender, age, education level, country of origin, or a wide range of other basic demographic info, the GDPR applies.
OK, so maybe you never requested demographic info, but just asked about peoples’ likes and dislikes. Even if an E.U. citizen just checked a box that said, “I enjoy reading tech news,” it would be defined as information about personal interests and fall under the GDPR. The E.U. has a broad definition of behavioral data.
Some companies are realizing they’ve been collecting this kind of data about E.U. residents without giving it much thought. One common example is the info gathered for free trials and free content.
Does your tech company have a required field, like an email address, before people can read a free eBook, download a whitepaper, or try out a basic version of your service? If so, an E.U. resident may have given you personal information that’s expressly covered under the GDPR.
To keep your company covered, you’ll need to implement some new policies and procedures. It’s time to update across platforms, because GDPR requires consent to be “freely given, specific, informed, and unambiguous.”
After collection, you’ll have to keep data protected under GDPR guidelines and notify regulators within 72 hours of a potential breach. Failure to do so brings thousands – even millions – in fines. GDPR regulators will take 2% of your global revenue per incident.
Some pessimistic tech experts say the authors of the GDPR are likely interested in making a high-profile example of a U.S. business that fails to comply. Don’t let it be your company.
Here is a list of free GDPR resources to get you started.
Written by: Michelle Glennie, The Partner Marketing Group
I got my start in the channel working for a newly appointed Microsoft software distributor where I managed the Microsoft product line. In those days, working for a distributor meant moving heavy boxes filled with thick training manuals, managing floppy drives and SKUs, expediting shipping, executing big launch events and delivering partner education—classroom style.
Because our clients are software and technology companies, we know firsthand how challenging it is to tell a complex story in a way non-techie people understand. Oh, and by the way, you’ve also got to make it creative, engaging and relevant. How the heck do you do THAT?
The answer, my friends, is USE CASES!
Think the GDPR only applies to European-based companies? Think again. This groundbreaking E.U. data security law is causing a cascade of changes to global business. you might be wondering – What is GDPR? Does GDPR apply to U.S. companies too? Should you be doing something to protect your business? We’ve listed a lot of great
When we analyzed the data from our 2018 Technology Marketing Benchmarks and Trends Report, one stunning fact stood out from the rest: Blogging shot to the #1 spot for lead generation tactics last year, jumping ahead of past tried-and-true methods like email marketing, social media, and webinars.
Why is blogging such a big deal?
If you’re a software technology reseller, vendor, or service provider, the 2018 Technology Marketing Benchmarks and Trends Report might be the most important thing you read all year. Why? Because it’s from your peers in tech marketing. It’s a deep dive into the top marketing trends for you and your competitors.
The Partner Marketing Group