GDPR Launching Late May - Does it Affect Me in AU?

Undoubtedly you’ve heard of GDPR and the many 100’s of articles, opinions and comments written about it in the lead up to the launch in 11 days so we at Nimbull wanted to give you a run down on what you need to know.

What Is GDPR?

General Data Protection Regulation (GDPR) is Europe’s newest iteration of their existing data protection legislation. The already strict data collection and consumer privacy laws across the biggest economies in Europe are only getting stricter.

What Does It Mean?

Simply put, GDPR changes the way consent is gathered from website visitors for tracking their online activity and allowing third party tech on your site to collect and use this information. In the past, if you visited an EU or UK based website you’d see a simple banner at the bottom of the page requesting you to close the banner as acceptance of the website tracking your online activity. What the websites didn’t tell you was the number of other tracking platforms on their site that were also tracking you and building rich profiles about customers. Moving forward, websites will explicitly need to gain approval from the customer and clearly outline how / what data they are collecting and more importantly guide the user to where they can view/download their data and delete the same.

Does It Affect Me In Australia?

Yes and no, whether you’re a global business or even a small retailer in country NSW, its important to understand the GDPR as even if one of your customers is located in the EU then you need to update your information consent policies. For consent solutions you can visit cookiechoices.org, which has examples of consent language and available third party consent solutions.

Recommended Action

Check your records and if you’ve got any customers from the EU or plan to expand to the EU, think through how you will collect consent from users across your sites and apps. You may wish to use your own consent mechanism or one of the solutions listed at cookiechoices.org. Note it is important that any tech vendor you use needs to comply with the GDPR regulation as well. If you allow their tag on your site its your responsibility to understand what information they collect.

In closing, the GDPR is a step in the right direction in providing control back to the consumer over their data but it is seen as providing more power to the large publishers like Facebook, Google and Amazon as users rarely log out of these platforms and visit them across all their devices (tablets, laptops and phones). For the new laws to be successful, the EU government legal teams need to provide greater clarity to smaller publishers, tech companies and companies (retailers, etc) on how they continue to do business without spending thousands of dollars trying to comply with every nuance of the GDPR.