Over the last month, you’ve likely noticed that your favorite applications and websites have updated their privacy policies. Why? Because companies and governments are looking for new ways to protect consumers’ confidential data. One example is the European Union, which has decided to take matters into its own hands by passing the GDPR. We’re here to help you understand GDPR compliance and how something in the EU can have an impact on privacy policies in the US.

The General Data Protection Regulation (GDPR) follows the same idea as other compliance regulations – think PCI, HIPAA and SOX – with one major exception: while typical compliance regulations focus on protecting businesses from data loss, the GDPR aims to protect consumers rather than companies. Because privacy policies have always been considered an across-the-board change – regardless of country – this new EU legislation is impacting the US in three ways:


Consumers can see what information is being shared about them.

Under GDPR, when you visit a site for the first time, you’re given the option of whether the site can collect information about you. When you opt in, you can view what personal information you’re sharing – including what pages you’re visiting, what device you’re using to see the pages, the location you’re currently seeing them from and more.


Consumers can opt out of sharing information without consequences.

Opting in has always been a requirement – companies made it so that if users didn’t opt in, they couldn’t view the content of the site. This sneaky loophole put consumers in a pinch between using their favorite applications and protecting their personal information. Now users can opt out and continue to use their favorite sites without consequence.


Failing to meet compliance results in significant fines.

An organization that fails to meet GDPR standards is fined up to four percent of its annual global turnover or $24.6 million – whichever is more substantial. Some of the largest companies are making billions in annual turnover, which means this could be a significant hit if they don’t meet the regulations set by the EU.

While the biggest push for meeting GDPR comes in the form of updated privacy policies, the most significant changes are happening behind the scenes. Companies need to change how data is being collected – and that requires more than a checkbox. Regardless of industry, size of business or country of origin, your organization needs to create a strategic plan for adapting to and understanding GDPR compliance.

Not sure where to get started or how GDPR applies to your business? Marketopia keeps you informed and helps put you on the path to meeting new privacy standards. Contact us today to get started protecting consumers’ confidential data and avoiding hefty fines.