Skip to main content

Posts

Showing posts from May 13, 2018

A BUSKLAW Newsletter Aside: Is Your Website Compliant with the European Union's GDPR?

Effective 25 May 2018 , the EU's General Data Protection Regulation goes into effect.  The GDPR is a big deal and quite complicated . There are 99 articles and 173 recitals defining the privacy rights of individuals and data controllers’ and data processors’ obligations.  Are you a U.S.-based   data controller or data processor subject to the GDPR? Y ou are a “data controller” if you, alone or jointly with others, determine the purpose and means of “processing” personal data of EU individual customers or businesses. The threshold is that you offer goods or services to customers or businesses in the EU (including the UK, despite Brexit) and collect their personal data. But even if you don’t sell goods or services to EU customers but engage in marketing or monitoring activities involving EU individuals’ personal data, you are covered by the GDPR.   You are a data processor   if you “process” personal data on behalf of a “data controller,” i.e., a data controller contracts