#1 What is GDPR?
Essentially, GDPR (General Data Protection Regulation) is a new set of regulations put in place to allow the citizens of the EU to have more control over their personal data. (full explanation & law here)
#2 Who Does This Affect?
It applies to companies who are based in the EU and global companies who process personal data about individuals in the EU.
#3 When Does This Go Into Effect?
May 25th, 2018
#4 What Personal Data Is Protected Under This New Regulation?
Currently the following information is protected under the privacy act; name, address, and photos. GDPR extends current legislation to things such as IP Address, search history, as well as genetic and biometric data.
#5 How Does This Affect Me As A eCommerce Company?
Your customers now have the right to access, amend, restrict, and delete their data at any time. And you must be able to correlate this data effectively to acquiesce their request.
GDPR also creates much tighter guidelines around consent; meaning how you comply with getting customers to agree that you can use their data.
GDPR also makes it the businesses responsibility to protect your consumers data (even if you are using a cloud hosted solution for your ecom platform)
For a complete guide to the legislation you can click here.