• About
    • History of Dallas SEO
    • SEO Expert Witness Service
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Email Newsletter

Bill Hartzer

Bill Hartzer on Search, Marketing, Tech, and Domains.

traffic analysis tools

Home » Internet Marketing » What is GDPR And Why Should You Care?

What is GDPR And Why Should You Care?

Posted By Bill Hartzer on May 9, 2018at 3:03 pm

GDPR Compliance

What exactly is GDPR, and if you have a US-based business with a website, why should you care about the upcoming deadline of May 25, 2018? I recently talked to a few businesses, and they didn’t know anything about it. And, they’ve never heard of it. As someone who is involved daily with digital marketing and search engine optimization of websites, I have to tell you that if you’re an EU-based business then you’ll need to comply with the new GDPR regulations by May 25, 2018. If you’re not in the EU, then you actually should care about it, as it will have an affect on your website–at a minimum, your Google Analytics data.

Jump To

  • What is GDPR?
  • GDPR Questions and Answers for US-Based Companies
    • Does GDPR affect US companies? YES
    • What types of PI data is included in GDPR?
    • What are the fines for not being compliant?
    • Do US companies need to worry about EU enforcement? YES
    • What US-based Companies Should Consider

What is GDPR?

To answer that question, it’s best answered by my friend Jenny Halasz, who wrote an article about it in Search Engine Journal:

“GDPR is short for General Data Protection Regulation, and it’s going into effect on May 25, 2018 in the European Union and the associated countries. Its purpose is to finally make good on a legal question from several years ago about how data is used and whether individuals own the data that they create by interacting with websites online. The courts ruled that individuals are the owners of their data, not the corporations (or websites) that collect the data. Therefore, it must be deleted on a regular basis so that customers don’t have to constantly contact websites they may have visited and ask them to delete their data.”

While the GDPR is specific to businesses with websites in the European Union countries, most websites don’t currently block visitors from visiting their websites from EU countries. Even US-based businesses should consider whether or not they need to delete that data or not. Of biggest concern at this point is how Google Analytics deals with the data that’s collected, and if a setting isn’t changed in the GA account by May 25, they could lose all of the Google Analytics historical data older than a certain number of months, which is 26 months.

After consulting with a few of my legal contacts, they basically told me that the biggest concern for US-based companies is that someone in the US could sue a business with a website for not complying with GDPR-like regulations. In my professional opinion, even though a US-based company doesn’t do business in the EU, they do get EU-based website visitors. We don’t know how EU regulators are going to enforce these regulations at this point. Regardless, US-based companies with websites should be aware of GDPR, and consult their legal team before deciding whether or not they will retain the data or not.

For US-based websites, there are choices, as I personally see it:

  • Do nothing, and keep retaining the data. Set Google Analytics so you retain all of the historical data.
  • Comply with GDPR regulations and delete all data older than 26 months.
  • Completely block all traffic and visitors to your website that come from European Union countries, telling them they can’t access the website.
  • If a visitor comes from an EU country’s IP address, you could redirect them to a landing page telling them that you don’t comply with GDPR, so you’re not letting them access your website.
  • If a visitor comes from an EU country’s IP address, you could have a popup come up or a message on the website that tells them that you DO comply with GDPR, and you don’t save data older than 26 months.

Those are few options—at this point, for US-based business I recommend that you DO continue to collect the data via Google Analytics and update the GDPR settings. You can find out more information here: https://support.google.com/analytics/answer/3379636. Here’s a screen shot of what the Google Analytics settings looks like:

google analytics GDPR

GDPR Questions and Answers for US-Based Companies

Here is a list of several different questions and answers, along with data points that explain the GDPR implications for US-based companies. However, even if you are outside the US, then you still will want to understand these points.

Does GDPR affect US companies? YES

  • If your company has an online presence, a website that can be accessed by any person in the world (which you more than likely do), then you need to be very aware of what’s going on with GDPR. (via Business.com)
  • Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU.
  • Gartner predicts that almost 50 percent of U.S. businesses will not be able to comply with GDPR in time.
  • A PwC survey showed that 92 percent of U.S. companies consider GDPR a top data protection priority.

    What types of PI data is included in GDPR?

    Thee are certain types of PI data (personally identifiable data) that is included in GDPR. Here’s more info about the Personally Identifiable data involved in GDPR.

    • Basic identity information such as name, address and ID numbers
    • Web data such as location, IP address, cookie data and RFID tags
    • Health and genetic data
    • Biometric data
    • Racial or ethnic data
    • Political opinions
    • Sexual orientation

    What are the fines for not being compliant?

    What are fines for being non-compliant with GDPR? They are pretty large.

    • Data breach within 72 hours
      – Option for Class Action lawsuits
      – Suspension of personal data processing in case of non-compliance
      – In addition to fines up to 2% of annual revenue or €10 million for technical infringements
    • Non-compliance with fundamental principles and rights
      – 4% of annual revenue
      – or €20 million

    Do US companies need to worry about EU enforcement? YES

    • Agreement Between the UNITED STATES OF AMERICA and the EUROPEAN UNION – This gives the EU the ability to sue US companies (Reference – Article 3(F)
    • Evidence of past US settlements over Privacy Shield

    What US-based Companies Should Consider

    If you are a US-based company, what other things should you consider?

    • Past lawsuits in the EU over privacy and the right to be forgotten
    • Politics
    • Corporate tax cuts bringing $ back to America
    • Recent blow up of privacy and censorship via Facebook, Google, and Twitter

    Keep in mind that I’m not a lawyer—so I do recommend that you consult with your legal team before making any changes related to GDPR. And, if you decide to block EU visitors, there are ways to do that–and I can help steer you in the right direction. Or, if you have questions about GDPR, and whether or not you’re compliant or not, let me know and I can help.

Filed Under: Internet Marketing

traffic analysis tools

Listen to "Digital Marketing with Bill Hartzer" on Spreaker.

About Bill Hartzer

Bill Hartzer is CEO of Hartzer Consulting, LLC, an SEO Consulting firm that includes services such as search engine optimization, technical SEO audits, domain name consulting, and online reputation management.

Recent Posts

  • RightoftheDot Live Online Domain Auction February 25 February 18, 2021
  • Jabez LeBret on Digital PR, Journalism, and Media Coverage February 5, 2021
  • Someone Stole My Domain Name: Here’s What You Do February 1, 2021
  • 23 Top Level Domains TLDs Up for Auction January 27, 2021
  • GotConn Privacy Search Engine Launches January 26, 2021
  • Andrew Muller on Testing Google Ads Using Facebook Ads January 15, 2021
  • Mike Rhodes from Web Savvy On Google Ads January 8, 2021
  • How to Opt Out of Google Analytics December 16, 2020
  • Majestic Just Changed SEO and Linking Forever December 15, 2020
  • Yext Consumer Search Trend Predictions for 2020 December 8, 2020
  • SearchBox Launches SearchAI SmartSuggest, SearchAI Answers and SearchAI Personalization December 7, 2020
  • Google Poly is Shutting Down December 2, 2020
  • Domain Name Brokers Put FFF.com and HHH.com Domains Up for Sale December 1, 2020
  • Google Webmaster Tools Moves Twitter Account November 11, 2020
  • Email Deliverability, Setting Up DMARC, DKIM, and SPF on Your Domain October 29, 2020
  • The Bing Search Engine is Now Microsoft Bing October 6, 2020
  • Beck Power on Building Authority on Social Media and Repurposing Content October 2, 2020
  • Naira Perez on Paid Media, and an Intro to Social Paid Media, and Audiences September 17, 2020
  • Fake Birth Date Used on Google and Apple Accounts Is on Credit Report August 17, 2020
  • What is Bill Hartzer Disease? July 20, 2020

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:



Industry Friends

WTFSEO
SEO By the Sea
Jeff Lenney
Jeff Gabriel
Phil Drinkwater
Dixon Jones

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (19)
  • Bing Search Engine (6)
  • Blogging (42)
  • Branding (12)
  • Domain Names (200)
  • Google (228)
  • Internet Marketing (24)
  • Internet Usage (84)
  • Link Building (52)
  • Local Search (38)
  • Marketing (179)
  • Marketing Foo (30)
  • Pay Per Click (1)
  • Podcast (9)
  • Public Relations (8)
  • Reputation Management (9)
  • Search Engine Marketing (44)
  • Search Engine Marketing Events (47)
  • Search Engine Marketing Firms (19)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (156)
  • Search Engines (203)
  • Social Media (187)
  • Tech (7)
  • Web Analytics (16)




Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.




Hartzer Consulting



Website, Content, and Marketing by Hartzer Consulting, LLC.

Copyright © 2021 by Bill Hartzer and Hartzer Consulting, LLC.

Disclaimer - Privacy Policy - Terms of Use
Go to mobile version