GDPR’s Extra Territorial Scope – what it means for you

If your business collects any form of personal data from an EU citizen, whether they are presently living in the EU or not, then you are required to not only comply with GDPR, but you are subject to their 20 million Euro penalties for non-compliance.
If your business collects any form of personal data from an EU citizen, whether they are presently living in the EU or not, then you are required to not only comply with GDPR, but you are subject to their 20 million Euro penalties for non-compliance.

We know that the new General Data Protection Regulation (GDPR) legislation that became enforceable late last month applies to companies that are based or do business in the European Union, but what does this new legislation mean for those of us outside the EU?

Some of you might be tempted to skip this post now because you’re not in the EU.  You could be mistakenly thinking this doesn’t apply to you. You couldn’t be more wrong.

The GDPR legislation uses the term increased territorial scope, which means that it applies to companies that are in the EU and also out of the EU.

If your business collects any form of personal data from an EU citizen, whether they are presently living in the EU or not, then you are required to not only comply with GDPR, but you are subject to their 20 million Euro penalties for non-compliance.

Personal data could include information collected during a transaction in an online store, or even analytics data describing their online behaviour if it takes place in the EU.

The actual wording of Article 3 of the GDPR confirms it’s applicability to any ‘data subject’ in the EU. This means a person of any citizenship living in the EU, their nationality does not matter. This legislation aims to protect all personal data of any one in the EU, even those people visiting.

If you are a business with a target market in the EU, then the GDPR applies to your business.

So if a business is trying to target its goods and services for sale within the EU, it will be caught by GDPR.

Research conducted in the UK, showed that many businesses failed to understand this reach of GDPR, and many are not yet ready despite the compliance date passing. It’s expected that only 38% of businesses would be ready in time.  This figure is worse overseas and many businesses remain non-compliant at May 25, 2018.

So you might be thinking how can this be enforced? If your business is based outside the EU, and you were targeted because you did not meet the GDPR requirements then at the moment the process for serving formal enforcement is unclear. Conceivably however, they could use a court injunction, they could block an online service, or they could seize goods at the border.

Many organisations don’t know whether they hold data on EU customers, but it’s probably time to check whether you might need to take action on GDPR.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Leave a Comment

* Checkbox GDPR is required

*

I agree

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Emerging Web Design Trends in 2019

In 2019 we are seeing the emerging trends for web design and the impact they’ll have on how your old website is perceived.

7 Things We Want to Know Before We Build Your Website

Yes, your developer should have a portfolio of work, but if they fail to take an interest in you it won’t end well. Why? Because they’ll be building your website from their point of view, not yours.

Email Harvesting and Protecting Yourself from Spam

Anyone who uses email, knows how much time is wasted every day sorting real email from the junk in your inbox. Are you tired of deleting lots of spam? Here are a few rules you can follow to eliminate more of it from your inbox.

Should I migrate to WordPress 5 Gutenberg?

With the most recent upgrade of WordPress – to 5.0 and above – you’ll notice some big changes to the way you create pages and content. Newer versions of WordPress have now incorporated block based design, which is very different to the WYSYWIG editor of the previous versions. I wanted to take some time to talk about the differences so you can make an informed choice about which way to go.

WAIT! BEFORE YOU GO

WANT TO SUBSCRIBE?