Have you been inundated with notices from organizations addressing GDPR?
We have. Therefore, we wanted to make sure that you are aware of some new regulations around user data privacy, implemented in the European Union, that could affect your app. Our goal is to make sure our clients are abreast on anything that may directly affect their applications.
GDPR: What is it?
European General Data Protection Regulation – AKA GDPR. On May 25th, 2018, a government update established a new set of laws dictating how companies in the EU collect and use data and handle consumer privacy. It also gives those consumers greater control over their data on the internet.
This law change, years in the making, sets a new standard for data collection, storage, and usage among all companies that operate in Europe. Currently, GDPR represents one of the most robust data privacy laws in the world.
Many of the ideas outlined in GDPR came from the earlier regulation, and an even older set of principles, which covers the ways consumer information should be used. Those practices have shaped policies in the United States. The United States has historically regulated privacy with piecemeal laws for the privacy of healthcare records, financial documents, and federal communications.
But this is the US – How are we affected?
Does this mean GDPR only affects you, if your consumers live in Europe? Yes and no. On the forefront, GDPR only affects the European Union, meaning the rights outlined within it don’t translate to other countries.
We have already had clients update their documentation to specifically exemplify EU-located users from their apps with the inclusion of language such as: “This app is not intended for users located within the European Economic Area.”
This should be a simple addition to the document hosted on your website.
Additionally, if you are asking users to register for your app or website, consider adding language (on those screens) to the effect of: “By registering (or clicking “Save”), you agree that you are not located within the European Economic Area.” If this functionality is within your app, and not via a web page, please contact us at email@example.com and we can add the language there.
If you do not want to exclude European consumers, your attorney can also help you with that language.
Both routes begin with a call to your attorney and end with a client notice.
Again, the most prudent step is to review this with your attorney and we can then make adjustments to your app based on that advice.