GDPR

Nobody on the internet can avoid the newest buzzword of recent days: GDPR. 

The General Data Protection Regulation (GDPR), a comprehensive new piece of EU legislation, went into force on May 25, 2018. Although the regulation’s goal is to safeguard EU individuals’ data privacy, it has an impact on enterprises all over the world. No matter where you are in the world, if you own an online store, you probably need to prepare for the legislative changes. 

Like most American firms, even the regulators are unprepared for GDPR. To avoid receiving a hefty fine, companies with an internet presence should immediately get up to speed with the compliance requirements. 

Here is a concise summary of everything you need to know about GDPR if you operate an online business with BigCommerce. 

 

What is GDPR? 

The GDPR is a new law establishing data privacy by controlling how businesses gather and retain customer data. EU individuals now have greater control over their data, including names, addresses, credit card details, and even photographs, thanks to the adoption of stronger regulations. 

If any EU citizen accesses your website, you must obtain their opt-in consent before collecting, using, or storing their data.

A fine of up to $24 million or 4% of your company’s global revenue may be imposed for violating GDPR. 

 

Is GDPR Affecting Your eCommerce Business? 

You might believe GDPR is an EU rule that primarily protects EU residents and won’t impact your US-based company. The truth is that GDPR may apply to your business if it interacts with any Europeans, even if it’s just one customer. 

Unlike the internet behemoths, small eCommerce companies with fewer than 250 employees won’t have to abide by every GDPR obligation. However, the extensive law contains enough provisions that apply to businesses of all sizes. 

 

What Must You Do to Comply with the GDPR? 

No matter where your company is located or how many employees it has, you should be familiar with the broad guidelines for GDPR compliance. 

 

Elective Consent 

Say it out loud: “opt-in consent.” 

In the past, websites used pre-filled cookie consent forms where users were just made aware of the collection of their browser data. Under GDPR, individuals must now opt in before websites are permitted to gather data. Websites can no longer rely on pre-ticked checkboxes; instead, customers must manually indicate their consent by checking a box. The websites must then make clear who may access the data, how it will be used, and how long it will be kept. 

 

Keep your data privacy policy up to date. 

Make sure there is no jargon in your privacy policy. It should describe how your customer data is used and stored. Make it simple for your customers to access. The best course of action for eCommerce business owners is to be open and truthful about their efforts to safeguard client data. 

If you use BigCommerce, you can now include a checkbox that buyers can select to view and accept your privacy statement before creating an account. 

 

The ability to delete 

The “right to be forgotten” is a requirement of GDPR for those who want their data deleted from a system. Customers must be able to easily edit their data or withdraw their consent for marketing purposes. Such a choice must be simple to locate. In other words, if your consumers want their data removed, don’t make them jump through hoops to get it done. 

 

Report any data breaches within 72 hours

Always keep consumer data secure. You must notify the appropriate authorities and your customers of any data security breach within 72 hours. Users of BigCommerce can inform the platform’s supervisory authority of a data breach. 

 

Verify the GDPR compliance of your vendors. 

Because they also have access to your consumer data, make sure any third-party suppliers or apps you employ, such as live chat and product reviews, are GDPR compliant. 

 

BigCommerce: GDPR Prepared? 

BigCommerce, a top eCommerce platform, ensured that it was GDPR compliant before the regulation took effect on May 25th, 2018. 

To comply with the new rules, the platform has implemented the following measures: 

  • appointing a data protection officer (Beckett, Christopher) 
  • keeping records of data processing 
  • evaluating vendors 
  • putting in place privacy measures such as data breach response guidelines

 

Conclusion

Taking your business to the next step can only become a reality if you have the right expertise to deliver outstanding solutions. At Seibert Consulting Group, we specialize in providing modern solutions to businesses that aim to take full advantage of the eCommerce platform. We always customize our solutions to align with your business’s requirements and goals. Let’s start talking about your project and find out how we can help your business grow. Get in touch with us via our chatbot, by email at hello@seibertconsulting.com, or via our direct line at 760-205-5440.