So we have all heard of the new GDPR which came into effect on the 25th of May. I have been hearing people say that GDPR doesn't apply to them as it is only about the processing of personal data from EU citizens, so here is a little article on the topic by yours truly :)
https://medium.com/@lygarrod/gdpr-is-not-just-for-eu-citizens-792a76e7bc0e
I would love to hear your thoughts!
I didn't realise how many times I gave my spam e-mail address away until this GDPR came to effect. There were just so many in my inbox it was hilarious!
But yea, how can you actually say this is only for EU, business is generally global (unless you are a local tradesman outside the EU) so this will apply everywhere. Is this part of your job then?
Hey Nicky, good to hear from you again. Yes GDPR has vast reach and carries some serious penalties for non compliance. Yes I help businesses, in particular tech companies with GDPR compliance ☺️. I was rather shocked to see how steemit handled the consent issue (I will write about it soon because that's not the way to obtain consent under GDPR). They need to tread carefully or they will find themselves in lots of trouble
Uh-oh, well, bring it to their attention ASAP as we can't have steemit going down. Might need your help on that as I am not sure about it from an artist point of view. I have a couple of people signed up to a blog on my website but they just typed in their name and e-mail address themselves (at the bottom of each blog, they can decide if they want to be notified by e-mail when I write a new blog).
Yes, I think I will bring it to their attention :) GDPR only applies to processing of personal data for business purposes, so if it is just a personal blog then I wouldn't worry about it :)
Ok, fears have been cast aside for now. Although I will start selling some tracks, EPs, maybe even an ebook eventually so how many thousands of pages of documentation will I have to read? :P I do have a WordPress site that uses Woocommerce, which has informed me they are GDPR compliant...?
Yes under GDPR both data controller and data processor have to be compliant, so your data processor is informing you that they are GDPR compliant so that you can use their service to conduct your business, however, that will not relieve you of your obligation to be GDPR compliant once you start your business :)
Hmmm thanks for letting me know. So how do I become GDPR compliant? Is there an easy-to-read summary of it all?
There is the actual legislation and then there is also a lot written about different parts of GDPR and its interpretation. As this is a new piece of legislation and there is no case law on how the courts will actually apply it. I will try to write some guides for small businesses and share them here. Are you on Linkedin?
Hi @lucygarrod
Glad to see you back.
Good article
My thoughts are going burble burble burble thonk.
Visit Me on Steemhost.com/@dwarrilow2002
Lol! :)