14steve14

Who in the EU has heard of GDPR and will it affect you

15 posts in this topic

On the 25th May 2018 the updated General Data Protection Regulation comes into force. Well, who knew anything about that? It would appear that the EU has changed, or is about to change, the way that people collect and store others' data. This apparently supersedes the Data Protection Act in the UK. It has also been mentioned that when we leave the EU we will still need to comply with the regulations as the EU has made it worldwide somehow.

 

Has any store owner seen a sensible, easy to understand website that explains how this may affect store owners, or like me have you never heard about this until now?

Posted (edited)

Never heard of it. No doubt more EU-Bulldust dreamed up by men in suits who have nothing better to do.

 

Not in the EU...the answer for many small businesses; don't sell to EU citizens. That takes away a whole layer of Bulldust.

 

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

Edited by burt


when we leave the EU we will still need to comply with the regulations as the EU has made it worldwide somehow.

 

Easy there! If you do business in the EU, and therefore handle the data of EU citizens, this applies to you. If you are located outside the EU, and are dealing with non-EU citizens' data, it doesn't apply to you. If you need to implement anything new to meet GDPR, it should be a superset of data-protection requirements anywhere else in the world, and you can handle everything the same way. Now, if you're physically located outside the EU, I doubt they'll have much leverage with you, even when dealing with EU citizens. If you're a small shop, and make a reasonable effort to protect personal data, frankly I doubt they'll bother coming after you. They've got bigger fish to fry with Amazon, Google, etc.

 

Has any store owner seen a sensible, easy to understand website that explains how this may affect store owners, or like me have you never heard about this until now?

From a very quick scan of the Wikipedia article, it sounds like mostly common-sense data protections. I don't see anything that says the Data Protection Officer has to be a discrete person -- it can be another hat you wear (president, web guru, shipping clerk, bottle washer, DPO,...). People can request that their data be moved to another system, which is not applicable if you don't run elsewhere (what are they trying to accomplish here?). People can request to be forgotten (you erase their account information upon request, where that doesn't conflict with statutory data retention requirements or good accounting principles). Data breaches have to be reported to the appropriate authority. Customers have to explicitly consent to having data collected (it should be enough to add "By providing this information, you are consenting to our collecting it" to registration and PWA pages), and there are restrictions on collecting information from children. There are some privacy provisions which anyone handling personal data should already be implementing, at least for the type of data an online shop would hold. There may be some extra i-dotting and t-crossing to be done, but what else is new?

mcmannehan likes this


@MrPhil

That's pretty much how I read everything. I already get asked to remove customers, which I always do unless they have bought something, in which case I need to keep the information. Nothing on my site is pre-selected, as that was something that was implemented when the last lot of Data Protection rules were changed and people had to opt in rather than opt out. The only thing I think that really needs sorting with regards to the webshop is something to say that a customer has given consent to store information. I suppose this could be something like a check box with the result stored in the database when creating an account, something along the lines of the newsletter bit of the create account form.

Luckily all that I store is customer contact details and order details, so nothing too serious to be concerned about. I do also remove lots of old customers after a few years if they have never bought anything, so that's sort of complying in that I don't keep data longer than I need. I also have unsubscribe links in the newsletters that are sent, and Mailchimp sorts all that out.

Thanks for this thread.

We should ensure personal data deletion and GDPR confirmation in the registration where the customer comes from the EU.

The official core needs an EU customer's delete option directly from the account and an administration delete mechanism after time periods.

The question is: which data should be destroyed?

I suppose transfer the user to an anonymous user and never delete the orders data.

Sensitive data are the customer's name, street address, birthday and email address. Other data are not connectable but are needed for stats.

The customer's name should be anonymous or the nickname from the reviews.

So only the relations should be destroyed when a customer wants to delete their registration.

I don't understand why only personal data is sensitive and why company data is not...

This law affects webshops differently. Some shops will offer partner programs to keep accounts alive, and some not, where orders are unique.

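The two ideas raised in the posts above, a consent flag stored at account creation and erasure that removes the person but keeps the order rows, can be sketched as follows. This is an added example, not part of any post and not osCommerce code; the table and column names are a hypothetical schema, and SQLite stands in for the shop database.

```python
import sqlite3
from datetime import datetime, timezone

# Hypothetical schema for illustration; not the osCommerce tables.
SCHEMA = """
CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, street TEXT,
    birthday TEXT, email TEXT UNIQUE, consent_at TEXT NOT NULL);
CREATE TABLE orders (id INTEGER PRIMARY KEY,
    customer_id INTEGER REFERENCES customers(id), total REAL NOT NULL);
CREATE TABLE reviews (id INTEGER PRIMARY KEY,
    customer_id INTEGER REFERENCES customers(id), nickname TEXT, body TEXT);
"""

def open_shop():
    conn = sqlite3.connect(":memory:")
    # With foreign keys enforced, a customer row cannot be deleted while
    # an order or review still points at it.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    return conn

def register(conn, name, street, birthday, email, consent):
    # The checkbox must be an explicit opt-in (never pre-selected);
    # the time it was given is stored with the account.
    if consent is not True:
        raise ValueError("explicit consent required")
    now = datetime.now(timezone.utc).isoformat()
    cur = conn.execute(
        "INSERT INTO customers (name, street, birthday, email, consent_at)"
        " VALUES (?, ?, ?, ?, ?)", (name, street, birthday, email, now))
    conn.commit()
    return cur.lastrowid

def erase_customer(conn, customer_id):
    """Destroy the relations and the personal row; keep orders and reviews."""
    with conn:  # one transaction: every step commits or none does
        kept = conn.execute("UPDATE orders SET customer_id = NULL "
                            "WHERE customer_id = ?", (customer_id,)).rowcount
        # Reviews keep only the nickname, as suggested in the post.
        conn.execute("UPDATE reviews SET customer_id = NULL "
                     "WHERE customer_id = ?", (customer_id,))
        conn.execute("DELETE FROM customers WHERE id = ?", (customer_id,))
    return kept  # order rows retained with no link back to a person
```

If the order rows themselves carry a copy of the name or address, those columns need the same treatment once any statutory retention period for them has passed.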

Never heard of it. No doubt more EU-Bulldust dreamed up by men in suits who have nothing better to do.

 

Not in the EU...the answer for many small businesses; don't sell to EU citizens. That takes away a whole layer of Bulldust.

 

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

 

@burt Many small businesses can survive by selling to the EU; it's a bigger market than the small UK. Why are you so rude about that?

Posted (edited)

Thanks for this thread.

We should ensure personal data deletion and GDPR confirmation in the registration where the customer comes from the EU.

The official core needs an EU customer's delete option directly from the account and an administration delete mechanism after time periods.

The question is: which data should be destroyed?

I suppose transfer the user to an anonymous user and never delete the orders data.

Sensitive data are the customer's name, street address, birthday and email address. Other data are not connectable but are needed for stats.

The customer's name should be anonymous or the nickname from the reviews.

So only the relations should be destroyed when a customer wants to delete their registration.

I don't understand why only personal data is sensitive and why company data is not...

This law affects webshops differently. Some shops will offer partner programs to keep accounts alive, and some not, where orders are unique.

The data for the bookkeeping have to be destroyed after 10 years; in some EU countries longer, in some EU countries shorter.

I have already recommended that osC has to consider EU law in every new version. I know some people don't like that, but I have a 100% EU law suitable version. The community already knows it's my pimp version. You can find the link in my profile.

And this new law has to be suitable for every EU country; this will take a long time too.

 

Here is the text of the law: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf

Edited by mcmannehan


@burt Many small businesses can survive by selling to the EU; it's a bigger market than the small UK. Why are you so rude about that?

 

Because the EU is full of un-elected bureaucrats that have nothing better to do all day apart from make up complicated legislation that affects everyone, and makes their life so much harder.


Sure, bureaucrats can spend the day fantasizing new rules in order to justify their existence (big complaint here, too, which is a major reason President Doofus, er, Trump, is in the White House). If you're a small business, do those things which are common sense and practical and fair, and ignore the rest which are an unreasonable burden to you. If you're small enough, they probably won't bother you. If they do, you can get a lot of public sympathy and support by pointing out that you are being quite reasonable -- and they're not.

mcmannehan likes this


Posted (edited)

Because the EU is full of un-elected bureaucrats that have nothing better to do all day apart from make up complicated legislation that affects everyone, and makes their life so much harder.

 

That's why the UK is out of the EU. That will make things much more complicated for the UK in future. :D

Edited by mcmannehan

Posted (edited)

Thankfully I'm not in the EU and don't sell into the EU but...

 

E.U.'s New Data Protection Law Affects Companies Worldwide

 

Dan

 

Yes, this will affect data protection worldwide. Maybe the result will be that data protection is more respected and more controlled worldwide. Everybody likes to have his own data protected; if it is in the wrong hands, some people can very quickly take over the online identity and more. I appreciate the new law.

Edited by mcmannehan

Posted (edited)

I don't want to get into a political debate on the rights or wrongs of the EU and the UK's decision to perform a Brexit. If anyone really wants that discussion, go find a political forum and mass debate it.

In an ecommerce context, discussion here is most welcome;

 

As for the option of a non-EU shop NOT selling to EU Citizens...that's an option some shopowners might like to take.  

Edited by burt


I don't want to get into a political debate on the rights or wrongs of the EU and the UK's decision to perform a Brexit. If anyone really wants that discussion, go find a political forum and mass debate it.

In an ecommerce context, discussion here is most welcome;

 

As for the option of a non-EU shop NOT selling to EU Citizens...that's an option some shopowners might like to take.  

 

 

I did the opposite and stopped selling some products, i.e. electronic services, to customers within the EU. It was a very simple mod if you remember, Gary, so it must be possible to do something similar for other countries.

burt likes this
