This new law goes into effect on May 25th, 2018 and it applies to pretty much everyone with a website or anyone collecting email addresses.
There are specific steps you will need to take prior to May 25th, or you could face strict financial penalties and repercussions for non-compliance.
Be sure to listen in for full details and a quick breakdown of what exactly that means for you.
GDPR EU Regulation Reference Links
May 5th 2018 Update
The more I’ve been reading about and listening to others breakdown the GDPR law, the more I’m realizing this is really a big deal.
The details below are my personal opinion, please be sure to do your own due diligence and start to take action based on your specific circumstances.
I’ve included links to the new content I’ve consumed since publishing this Podcast episode at the bottom of this section.
A few things I’d like to highlight…
- This law is NOT specific to people operating in the EU, it affects all of us that have websites that might be visited from people in the EU and also anyone that collects email addresses or other personal data.
- This law does not just apply after May 25th, it applies to everyone that is already on your email list that has a location in the EU OR anyone that does not have a location listed.
- The potential monetary penalties for non-compliance are stiff, up to 20Million Euro, or 4% of global annual turnover, depending on severity of the violations.
The even bigger issue I see for most of us is that anyone that collects email addresses will have to prove that you received consent to send people emails and you would have to clearly state your full intentions when they subscribed.
It is not enough to provide a lead magnet in exchange for an email address. If you intend to add subscribers to an autoresponder series or send them any additional marketing emails in the future, that must be/have been clear upfront.
And the other sticking point is that this new law applies to not only anyone that is identified as being located in the EU, but if you have anyone on your email list that has no location (and that is probably a big portion of your list), this applies to all of those folks as well.
Based on the content from the links below, it seems that in order to send anyone in the EU OR anyone without a location an email after May 25th, that you will need to obtain new consent for them to remain on your list and affirm their desire to receive emails after May 25th.
If you do not have verifiable proof that they have consented to receiving additional emails after May 25th, you would have to remove them from your list by May 24th, or be in violation.
If you find this frustrating, you are not alone! I’ve talked this over with several folks in the community and we’re all in agreement on that.
However, it is not the time to just throw your hands up and do nothing. Now is the time to check your existing privacy policies and take a look at your email list(s) and put your game plan into effect.
Check out these external resources below. They provide a very detailed breakdown for you to determine what how this will affect you, along with some tips and suggestions.
Amy Porterfield GDPR Podcast Episode – In this Episode Amy bring on an Attorney that specializes in helping entrepreneurs and he provides his full interpretation.
The bottom line is that if you have a website or collect information from your audience of any kind, the GDPR likely affects you.
What steps are you planning to take? Have any suggestions or additional details to share?
Please leave a comment below or jump on over to the Private FB Mastermind group for the site and join in on the discussion.