WHAT IS GDPR?
The General Data Protection Regulation (or GDPR) is a European privacy law that will go into effect on May 25, 2018. GDPR sets new standards for EU companies about how personal data is stored, collected, and used online.
If you are not in the EU or do business with EU customers, GDPR may not apply to your business. If you or your customers ARE in the EU, keep reading to find out more about how you may comply with these new regulations.
Note: This resource does not constitute legal advice nor provide specific instructions on what your particular business should do. It is merely provided as a courtesy to give you an overview of what GDPR is. We are not based in the EU, nor are we legal experts! Please check specific GDPR requirements here: https://gdpr-info.eu/
Who does GDPR affect?
GDPR only applies to businesses that are based in the European Union or have EU customers. If you are based in any of the countries listed below or have customers there, GDPR may apply to you.
EU countries affected by GDPR:
-
Austria
-
Belgium
-
Bulgaria
-
Croatia
-
Cyprus
-
Czech Republic
-
Denmark
-
Estonia
-
Finland
-
France
-
Germany
-
Greece
-
Hungary
-
Ireland
-
Italy
-
Latvia
-
Lithuania
-
Luxembourg
-
Malta
-
Netherlands
-
Poland
-
Portugal
-
Romania
-
Slovakia
-
Slovenia
-
Spain
-
Sweden
-
United Kingdom
If you or your customers are NOT based in these countries, GDPR may not apply to you. If you are unsure if your business will be affected, please seek legal advice. We cannot tell if your individual company would fall under GDPR guidelines, nor are we able to provide legal guidance to you.
What is Personal Data?
Anything used to identify a person on its own or in combination with another bit of data is now considered "personal data" under GDPR. This can include someone’s name, email address, physical address, IP address, date of birth, financial information, and more.
GDPR best practices in a nutshell:
-
Have a plain-language privacy policy explaining what data you’re collecting and how it will be used.
-
Only collect essential data.
-
Allow folks to actively "opt-in” to receive marketing messages.
-
Make it easy to unsubscribe from marketing messages.
-
Don’t share data without consent.
-
Give customers the “Right To Be Forgotten.”
-
Protect data from hacking or theft, and report breaches within 72 hours.
What is PhotoBiz doing for GDPR?
We are working hard to protect your data, both as a customer of PhotoBiz and as a business owner.
Our Privacy Policy has been updated to describe what data we collect and how it is used. Your data is stored and processed securely and is not shared with others without consent. You have the ability to opt-in or out of marketing messages not essential to maintaining your PhotoBiz account.
We will be contacting EU customers and asking them to positively opt-in to continue receiving marketing messages from us. If you wish to opt-out from receiving industry updates, promotions, or information about new products now, click here. You may email legal@photobiz.com at any time to request what personal data we have about you or ask us to remove your data from our system.
More resources about GDPR
To learn more about GDPR and get specific guidance on creating a data strategy for your business, check out the links below:
Note: This resource does not constitute legal advice nor provide specific instructions on what your particular business should do. It is merely provided as a courtesy to give you an overview of what GDPR is. We are not based in the EU, nor are we legal experts! Please check specific GDPR requirements here: https://gdpr-info.eu/