SSL Labs ScoreSecurityHeaders.io ScoreHSTS Preloaded

Log in to participate

There is no cost to join RicheyWeb, and membership is a requirement to submit bug reports and participate in the support forums.

× Extension Discussions

Are you subject to GDPR regulations?

More
3 years 2 weeks ago #936 by michael
There is an excellent article on Forbes titled "US...

There is an excellent article on Forbes titled "US Businesses Can't Hide From GDPR" and that led me to the question - How many companies are unaware of their exposure?

The answer is actually very easy to determine. If you answer yes to both of these questions, then you are subject to the GDPR regulations.

  1. Are you running a business and engaged in economic activity, and does you business collect or process personal data obtained from EU residents? (Article 4(18))
  2. Does your business have more than 250 employees? (Article 30)

If you answer no to question 2, you might still be subject to GDPR but it would benefit you to consult with legal council.

Please Log in or Create an account to join the conversation.

More
2 years 1 month ago #2831 by trogladyte
I also wrote an article about this on my blog. My take is that EVERY website should have a privacy policy anyway, so why are so many businesses getting their knickers in a knot about GDPR. For goodness sake, just do it! The chances are, you (the business website owner) don't have a privacy policy at all. If your business is in California I believe this is still illegal - who knows how many other states.

Some people do care about their privacy (like ALL of them!), so why not throw them a bone in a privacy policy?

Can you say with complete, total, and utter certainty, that NO ONE from the EU will EVER interact with your website? As soon as they do, GDPR kicks in.

Of course, the likelihood of the EU courts pursuing you (the business owner) in the US over 1 or 2 interactions is minuscule. So is the likelihood of your house burning down and you losing all your possessions... Do you have house insurance?

Please Log in or Create an account to join the conversation.

More
3 months 3 weeks ago #34147 by Sharon
Almost 2 years after and the GDPR is still pulling Admins hair.

I wish to address the issue of small or large sites that only conduct business in their own city, province/state or country and no where else.
Too, there are those business-card types of web sites, with one page, a page being about twice the height of the screen, not like a endless roll of toilet paper! Why should they even consider GDPR in their Privacy Policy? I think adding GDPR, and the country of *Califorina's CCPA, and 120 other countries such as Brazil's' LGPD is necessary if they want to continue playing Google's Popularity Ranking Contest. Is a Privacy Policy with GDPR and ilk kowtowing to the many country privacy regulations, and so on not also part of the requirements by Google and not having any privacy policy bumps the site lower on the ranks? Penalty points!

The people I work with and the websites they redesign have one very short Privacy Policy that is close to "We don't collect, view, store any data about your visit here." That is to say that there is a Privacy Policy to appease Google.

Generally speaking, most web sites, whether the Admin knows it or not, is 1Stalking visitors from site to site, The sites Inject more Stalkers. Sites are Monitoring what the visitor sees, types, mouse movements, from what location, using what devices, and for how long. The person's visits are Recorded including where they came from and where they go next. With this information, the attempt is used to Control the visitor as they travel about the Internet, showing the visitor what their profile dictates based on previous travels.
It has become Stalk, Monitor, Inject, Record, Control (SMIRC for short).

The GRPR, CCAC, LGPD... ad nauseum, do not protect the visitor from Google and it's millions of minions buried in websites. At least, not in North America. Yet. But a made-for-privacy policy should be hitting and penalizing those companies that SMIRC and pimp the visitors profile to any -thing- with the money. No one gave advertisers and marketeers a Golden Key to the Internet. They just muscled in and took it.

I appreciate the work Michael has done here, and the prices are very good too, but I don't see how the site, Mr. Richey, or I can benefit from the site telling Wordpress, cors-anywhere-herokuapp.com, promisejs, Facebook, and seven others, including Google knowing that I was here, for how long, from what location, using what deceives what I read, typed, and clicked.

GDPR, CCAC etcetera cancels Privacy? Doesn't improve it.

SUMMARY: Not everyone is subject to the GDPR, but most are subjected to either having a GDPR statement, or not and being penalized (almost shamed) by Google, and search engines too.

Just my opinion is all. It may be best to have GDPR, CCAC, ... just as offerings to Google.

~S~

Please Log in or Create an account to join the conversation.

More
3 months 3 weeks ago #34148 by Sharon
Almost 2 years after and the GDPR is still pulling Admins hair.

I wish to address the issue of small or large sites that only conduct business in their own city, province/state or country and no where else.
Too, there are those business-card types of web sites, with one page, a page being about twice the height of the screen, not like a endless roll of toilet paper! Why should they even consider GDPR in their Privacy Policy? I think adding GDPR, and the country of *Califorina's CCPA, and 120 other countries such as Brazil's' LGPD is necessary if they want to continue playing Google's Popularity Ranking Contest. Is a Privacy Policy with GDPR and ilk kowtowing to the many country privacy regulations, and so on not also part of the requirements by Google and not having any privacy policy bumps the site lower on the ranks? Penalty points!

The people I work with and the websites they redesign have one very short Privacy Policy that is close to "We don't collect, view, store any data about your visit here." That is to say that there is a Privacy Policy to appease Google.

Generally speaking, most web sites, whether the Admin knows it or not, is 1Stalking visitors from site to site, The sites Inject more Stalkers. Sites are Monitoring what the visitor sees, types, mouse movements, from what location, using what devices, and for how long. The person's visits are Recorded including where they came from and where they go next. With this information, the attempt is used to Control the visitor as they travel about the Internet, showing the visitor what their profile dictates based on previous travels.
It has become Stalk, Monitor, Inject, Record, Control (SMIRC for short).

The GRPR, CCAC, LGPD... ad nauseum, do not protect the visitor from Google and it's millions of minions buried in websites. At least, not in North America. Yet. But a made-for-privacy policy should be hitting and penalizing those companies that SMIRC and pimp the visitors profile to any -thing- with the money. No one gave advertisers and marketeers a Golden Key to the Internet. They just muscled in and took it.

I appreciate the work Michael has done here, and the prices are very good too, but I don't see how the site, Mr. Richey, or I can benefit from the site telling Wordpress, cors-anywhere-herokuapp.com, promisejs, Facebook, and seven others, including Google knowing that I was here, for how long, from what location, using what deceives what I read, typed, and clicked.

GDPR, CCAC etcetera cancels Privacy? Doesn't improve it.

SUMMARY: Not everyone is subject to the GDPR, but most are subjected to either having a GDPR statement, or not and being penalized (almost shamed) by Google, and search engines too.

Just my opinion is all. It may be best to have GDPR, CCAC, ... just as offerings to Google.

~S~

Please Log in or Create an account to join the conversation.

More
3 months 3 weeks ago #34149 by Sharon
Sorry about duplicate, but when I first SUBMIT the post, there was a error that has disappeared. I reloaded the page and voila - two posts - they must be important :)
Please delete, one or both. IDC
~s~

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Powered by Kunena Forum