TL;DR: Compromised data and credit card numbers, plus shady disclosures (ahem, Facebook) have pushed the EU to force regulations that mandate we as website owners to maintain more transparent data collection policies and better control over user information (like credit card info).

Yes, in two ways.

First, if you have a notable presence of site visitors from any EU country (which includes the UK until March 29, 2019), the GDPR applies to you. It does not matter if anyone from the EU is buying products from you. They merely have to visit your site on a slightly regular basis.

Second, if you do not comply to the GDPR, you will find yourself in a sticky situation at some point in the next few years. Just like taxes, regulations like this are almost never repealed—they tend to only get more strict.

So what the heck is the GDPR?

If you’ve had your head buried in a bouquet of Farmgirl Flowers and have totally missed the buzz (no judgment), good for you—you are probably a lot less stressed out than the rest of us prepping for this thing. Luckily, I got ‘yer back here at The Contract Shop®. We make things easy—duh!

“GDPR” stands for General Data Protection Regulation.

In plain english, this is a set of rules the European Union is enforcing beginning on May 25, 2018.

In order to be in compliance with these new rules, the EU is mandating anyone with a website. 

Should you freak out and throw fragile objects?

No. You can take comfort in a few things.

1. Terms and conditions + a privacy policy are no longer enough, but they’re a great start.

If you’ve already purchased our Terms & Conditions + Privacy Policy Template, you’re grandfathered in to this latest version which is GDPR compliant. If you haven’t bought this yet… we don’t want to call you a knucklehead butttttttt….ummmm….. (Psst, even if you’ve published our template, the GDPR requires some extra steps, so be sure to click here and sign up for our free training to make sure you’re truly compliant).

2. Bigger companies will be hit the hardest and fastest.

If I were Facebook, Mailchimp or Walmart I would be freaking the eff out right now. I do not envy their legal teams. They will not only have to make new hires to police their data and privacy measures, and their official job title is the “privacy po-po” (okay, they’re actually called, “Data Protection Officers,” but how boring is that?!)

3. Be on the lookout for collateral damage.

While yes, the fines proposed are outrageous and will never be viable for small businesses like us, and are not expected to hit us until much, much later (if at all), there is something very concerning at play.

Third-party service providers who are going to be under a lot of scrutiny with the GDPR—like Facebook, Convertkit, Mailchimp, Trello, etc.—will be watching their users, aka YOU AND I. This is both good and bad.

These companies are being forced to innovate their delivery of privacy information and will likely pass that on to us as their users, similar to the way they mandated footers in emails and prompt us for that information upon registering for their service. And tsk tsk if you’re still putting Disney World as your business address here. Get a real one! #judgingyou

These companies will make GDPR compliance much easier for us in the long run, but until then, it’s every woman, man and frowning cat for themselves. That’s why we created this free training that helps you navigate through the three biggest secrets hidden in the GDPR.

And those companies who don’t comply and continue to use these nifty little services we’ve come to love so dearly? I’d be very, very afraid for my little tush if this were me. You might just wake up one morning and find yourself locked out of your email service provider for good.

My Predictions for the GDPR

1. This is another Y2K. For now.

Nothing is going to happen on May 25th. There’s not going to be an implosion of the internet, or a mass exodus of businesses from Europe.

However, that doesn’t mean you should ignore what’s coming. If the GDPR applies to you, you’ll need to be compliant or face the consequences. You can comply before or after you get slapped upside the head with problems. I prefer to do it before and avoid #probz altogether, but ya know, maybe I’m just lame like that.

If you don’t know if the GDPR applies to you, click the image below!

2. GDPR apps and plugins will abound to make things easier for us, once they come out.

The EU cookie bar is mandated and has been for quite some time. My prediction is our SAAS providers and app developers will make GDPR compliance as easy as it is to install this little cookie monster. That is, super easy and done in less than 10 minutes.

Now, who’s techie and wants to make a mint?? Plz send halp.

3. The United States, Australia and Canada are likely to follow suit (Canada is more likely to cave first).

If you are still not convinced you need to comply to the GDPR, first of all, why did you read this far? There’s like, tons of funny cat videos on Youtube you just missed out on wasting your time reading this.

Second, this ish is coming to the States in some way, shape or form. It might not happen this year, or even in the next three years, but eventually businesses that only serve Stateside visitors and consumers will be forced to comply with similar (or the same) privacy rules and regulations. But let’s face it, Canada will probably implement these changes first if history is any indication of the future.

If you don’t feel like reading, grab a watermelon and a spoon and sidle up to my unrelaxing, sometimes party-girl voice as I teach you all about the GDPR here.