What is General Data Protection Regulation (GDPR)

What is General Data Protection Regulation (GDPR)

GDPR makes everyone extremely busy. And because the main objective is to have a positive impact in terms of data protection in the digital economy era due to the development of internet technology in recent years, this might also have an effect on online businesses.

Then what is GDPR?

GDPR stands for General Data Protection Regulation, a regulation on Data Privacy (data protection) that is applied to all companies in the world that store, process or process personal data from 28 countries belonging to the European Union.

The contents are pages and articles, which can be nauseous if you read them all.

One thing is certain, this regulation has been approved by European authorities since April 2016 and will be effective worldwide on May 25, 2018.

The main function of GDPR is to give consumers control over their personal data collected by companies.

Among them:

  • Basic information such as name, address and ID number
  • Web data such as location, IP address, cookies and RFID
  • Health and genetic data
  • Biometric data
  • Ethnic and racial data
  • Political opinions
  • Sexual orientation

GDPR does not only affect companies or entities in Europe, but also applies to companies around the world that offer goods or services, or who monitor the behavior of people from the European Union.

This is the reason why GDPR has a very broad impact, especially in the online world that knows no territorial or regional boundaries.

Sanctions for GDPR Violations

Pretty brutal. As a rule, of course there are consequences for those who do not comply.

The following sanctions:

An organization that violates the GDPR law will be fined up to 4% of the total annual turnover or as much as 20 million euros (around Rp. 344 billion), whichever is greater.

The point is GDPR is a SERIOUS regulation.

No wonder Google seems to be constantly doing updates in order to meet this rule. JVZOO also appointed VeraSafe as a consultant to handle GDPR on their services.

A survey from PwC even stated that if 68% of US companies would spend between $ 1 million and $ 10 million in order to meet this GDPR regulation.

GDPR for bloggers & online businesses

Let’s start from the difficult first. If you or your company or organization operates an independent business that has direct relations with residents of European Union countries, regardless of business type, then you may need to find a professional consultant to resolve this issue.

Then what about the other business models?

If your business is not independent, in this case it means joining or becoming part of another organization, then you should always update information, especially when it’s tight to the D-day when the rules apply. Just check your e-mail inbox that starts to be sparkled by information about GDPR.

This means that almost all online platforms follow, try and continue to process to meet the GDPR rules before the deadline arrives. As far as I know, Shopify, Wix and several popular platforms have provided instructions on how to adopt GDPR to the privacy policy page.

GDPR for website owners & bloggers

If your web does not collect visitor data directly and only records web data automatically such as location, IP address, cookies, with the main target of non-European visitors (especially only local in Indonesia) then you can do one of 2 options:

First , You can block visitors with IPs from European countries using plugins or tools available. Please Google for the way.

This step you can take to find safe.

But if you feel that your business has nothing to do with Europeans, please just ignore this GDPR rule because after all on paper it has nothing to do with you.

Second, You can update the privacy policy page. As with regulations relating to other privacy issues, in principle GDPR can be resolved by affixing an additional statement, which is a statement that we do not collect personal data so that it has no obligation to GDPR and automatically complies with the GDPR rules.

Here’s what it sounds:

“Because we do not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data , We are not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulations (EU) 2016/679, hereinafter “GDPR”) and does not have the associated responsibilities under the GDPR. “

Please adjust and (if necessary) consult the policy statement above to the experts according to their individual needs.

GDPR for Adsense Publisher

Specifically Google has updated the TOS (term of service) for Adsense publishers. If you haven’t agreed, please check your e-mail and immediately approve this latest TOS.

Google is one of the companies that paid extreme attention to GDPR in being able to fulfill it before the deadline for this regulation.

Even so, there aren’t many things that Adsense publishers need to do.

Google only recommends that you add a link on the privacy policy page to the policy page for Partner sites https://www.google.com/policies/technologies/partner-sites/which will explain how Google manages data on its advertising products.

Please read more information about this on the full official Google page here.

Of course, it is likely that there will still be some updates ahead of GDPR in force and I will definitely inform you if there is anything that is considered important and relevant to this information.

Leave a Comment