Because privacy policies are part of a system.
A system of handling, managing, and guarding customer information.
They’re a kind of “contract”—a pledge—you make to your customers about the care you’ll take with their personally identifiable information.
When subscribers join our community, they have certain expectations about the privacy of their information. So did we. That’s what our privacy policies lay out, so there’s no misunderstanding.
And like other aspects of business, systems and processes have to change when new rules and laws take effect — in this case, the new European data protection law called the General Data Protection Regulation EU 2016/679 (GDPR), which went into effect on May 25, 2018.
Although the vast majority of our clients and subscribers are based in the United States—as are our servers—we need to be prepared for purchasers coming from the European Union, where data protection regulations are more stringent.
This could affect your business, too.
The kinds of changes the GDPR requires to privacy policies include:
- Transparency: Making it easier for customers to understand the user data your company has and why you have it.
- Control: Outlining how customers can correct and or delete their user data.
- Security: Providing more details on measures in place that secure customer personal data.
We’re pleased to say that our policies were already very much in line with these new directives. But it didn’t hurt to give them another look (which we did) and update them. Hey, we’re in the business of helping entrepreneurs create the systems that enhance their business and let them step back from the day-to-day. So we have to be on top of this.
If you have customers that come from the EU, or if your servers are based there and transmit information back and forth, you’ll want to make sure you’re current with this new development.
Which of your customer data systems might need updating? Get in touch.