GDPR - seriously? - Ecommerce forum at WebmasterWorld

Forum Moderators: buckworks

Message Too Old, No Replies

GDPR - seriously?

Tonearm

12:40 pm on May 5, 2018 (gmt 0)

I'm worried about the GDPR changes being put into place in Europe. My online store in the US ships to Europe. We don't collect any customer info besides default server logs and billing/shipping addresses and emails. I'm not in a position to do any more programming right now, but if I don't set this up I will be fined $20,000,000 per European customer?

Travis

1:21 pm on May 5, 2018 (gmt 0)

Not exactly, excepting if you are a big company.

What can happen is that, at some point, the EU can come after you, to point what you are failing to achieve to be compliant with the GDPR. If you are clearly not making efforts to be compliant, then, yes, you can start getting troubles.

Also, all depends of what you are doing with these data. For example, if you are selling or sharing them with third parts, then this will be a source of problem.

Now, if one day, your database is hacked, and leaked. Then you can also get serious problems about the data concerning your EU clients, if you were not compliant with the GDPR.

Now about the fine, this "up" to 4% of your global turnover or 20 millions euros. But that is the maximum possible. So , excepting if you are Google, Facebook, Microsoft, Twitter, etc... you will not be fined 20 millions.

nb: businesses had 6 years to work on the GDPR and adapt their processes, or at least 2 years, since the moment the text was definitive.

makeonlineshop

6:27 pm on May 5, 2018 (gmt 0)

Who cares this BS, do you think that someone is going to sue you ?
I just ignore all these stupid rules. My websites also are in US !

Travis

6:32 pm on May 5, 2018 (gmt 0)

rules

These are not "rules".

keyplyr

7:25 pm on May 5, 2018 (gmt 0)

We don't collect any customer info besides default server logs

@Tonearm - read here: GDPR & Log Data Storage [webmasterworld.com]

Travis

9:45 am on May 6, 2018 (gmt 0)

We don't collect any customer info besides default server logs and billing/shipping addresses and emails.

"don't collect" , but in fact you do collect a lot of personal info. (Name, address, email are the basis of personal information)

piatkow

4:53 pm on May 7, 2018 (gmt 0)

As I understand it you can collect the necessary information for the fulfillment of an order and hold that information for reference. You cannot capture additional information or use it for other purposes without explicit permission.

Travis

5:08 pm on May 7, 2018 (gmt 0)

Yes piatkow is right.

When data are collected, you/we have to inform the user what we collect, for what purpose, (and if we share the data with third parts). The user agrees implicitly, or explicitly to this (depending of the kind of data collected and its purpose). Then, you do not have the right to do anything different with these data. If you want to do something else, you have to obtain again the agreement from the user. (which makes sense).

GDPR - seriously?

Tonearm

Travis

makeonlineshop

Travis

keyplyr

Travis

piatkow

Travis

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week