
GDPR’s Extraterritorial Scope – what it means for you


We know that the new General Data Protection Regulation (GDPR) legislation that became enforceable late last month applies to companies that are based or do business in the European Union, but what does this new legislation mean for those of us outside the EU?

Some of you might be tempted to skip this post now because you’re not in the EU. You could be mistakenly thinking this doesn’t apply to you. You couldn’t be more wrong.

The GDPR legislation uses the term “increased territorial scope”, which means that it applies to companies inside the EU and also to companies outside the EU.

If your business collects any form of personal data from an EU citizen, whether they are presently living in the EU or not, then you are not only required to comply with GDPR, you are also subject to its 20 million Euro penalties for non-compliance.

Personal data could include information collected during a transaction in an online store, or even analytics data describing their online behaviour if it takes place in the EU.

The actual wording of Article 3 of the GDPR confirms its applicability to any ‘data subject’ in the EU. This means a person of any citizenship living in the EU; their nationality does not matter. This legislation aims to protect all personal data of anyone in the EU, even people who are only visiting.

If you are a business with a target market in the EU, then the GDPR applies to your business.

So if a business is trying to target its goods and services for sale within the EU, it will be caught by GDPR.

Research conducted in the UK showed that many businesses failed to understand this reach of GDPR, and many are not yet ready despite the compliance date passing. It was expected that only 38% of businesses would be ready in time. This figure is worse overseas, and many businesses remained non-compliant as of May 25, 2018.

So you might be wondering: how can this be enforced? If your business is based outside the EU and you were targeted because you did not meet the GDPR requirements, then at the moment the process for serving formal enforcement is unclear. Conceivably, however, they could use a court injunction, they could block an online service, or they could seize goods at the border.

Many organisations don’t know whether they hold data on EU customers, but it’s probably time to check whether you might need to take action on GDPR.
