The General Data Protection Regulation (GDPR) Takes effect on 25 May 2018.
What is the GDPR, exactly?
The GDPR is a new law that concerns itself with the handling of personal data of European Union (EU) residents. It takes effect on May 25, 2018.
Over two years in the making, the GDPR is intended to give EU residents more visibility and control over their personal data: how websites, including eCommerce websites, collect data; who they share it with; and what tracking technologies monitor them across the Internet.
What new privacy-related rights does the GDPR gives EU residents?
The new law requires stores to inform their customers about what information they collect, store, and share, and establishes specific rules about the kind of consent required before stores can collect personal data. That means that stores will be asking for consent more explicitly, and detailing their use of personal data more specifically in their privacy policies.
In addition to clearer notices and privacy policies, the GDPR also gives EU residents powerful new rights such as the Right of Access, Right to Rectification, and Right to Erasure.
That means that EU residents will be able to:
- Demand a copy of all the data you have about them.
- Demand any errors in the data be corrected.
- Request the removal of all personal data.
The GDPR also gives EU residents the right to find out if their personal data has been compromised. Stores will need to notify customers if their personal data is stolen in a breach, and do so in a timely manner.
You can read it and download it for further reading.