If you’re a business owner, you’re probably managing or processing personal data about your customers. And if you’re based in the EU, or located anywhere else in the world and hold personal data of EU citizens, then you are obligated to comply with the new European GDPR (General Data Protection Regulation).
The GDPR was approved in April 2016 and will take effect on May 25, 2018. Businesses all over the world are racing against the clock to ensure their data protection policies and procedures are in line with new GDPR guidelines.
Multinationals are investing huge resources in GDPR compliance, with budgets often extending into millions of dollars. For small businesses, the picture is somewhat different.
The GDPR applies to all businesses handling EU citizens’ data – and that includes small businesses. While large-scale enterprises will work with experts and assemble a dedicated internal team, small business owners will likely be managing their GDPR compliance without a dedicated staff member or team. Add that to the list of tasks faced by SMB owners every day, and suddenly your to-do list is much, much longer.
According to a recent survey of small businesses in the UK, some 40% of respondents were unsure about their GDPR readiness. With the deadline looming, and steep penalties for non-compliance – 4% of the company’s annual revenues or up to 20 million Euro – it’s time to get serious and to get your small business GDPR ready.
Preparation is half the battle won. So we’ve created a checklist of 9 GDPR key points for small businesses.
This list gives you a helpful overview of the steps you need to take to make your business GDPR-prepared.
**Disclaimer: This blog post does not contain legal advice pertaining to GDPR or other EU privacy laws. Instead, it provides marketing-specific tips and background information about GDPR, to help readers understand the bigger ‘protection’ picture.**