You may have noticed that many of the websites and services with which you interact online have sent out new data privacy notices in the past few days. This is because these companies have personal data about some or all of their customers, and on May 25, 2018, new regulations will take effect which were imposed by the European Union. These new rules, called the General Data Protection Regulation (GDPR), are far-reaching and impact any United States company that does business in the EU or has EU resident customers.
If you are such a company, it is urgent that you become compliant immediately. Penalties for non-compliance are extensive and significant. While all of the steps necessary to become compliant are beyond what can be supplied in a memo, we would like to provide a quick overview on the privacy notices. Briefly, privacy notices to your customers about how you process their personal data must be:
• Concise, transparent, intelligible and easily accessible;
• Written in clear and plain language, particularly if addressed to a child; and
• Free of charge.
Here is a link to a document created by the UK’s Information Commissioner’s Office about properly crafting a privacy notice: https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/privacy-notices-under-the-eu-general-data-protection-regulation/.
If you need additional information about privacy notices or compliance with GDPR, Shulman Rogers would be happy to assist you. Please contact your regular Shulman Rogers attorney or contact the firm here as soon as possible, in order to assure your timely compliance.
The contents of this Alert are general in nature, for informational purposes only, and do not constitute legal advice.
Stay up to date with all the latest news and events.