What is GDPR?
With all of the security breeches happening around the web, and the fact that more consumers were concerned with how they were being tracked and targeted by marketers, Nations in the European Union passed a comprehensive set of rules called the General Data Protection Regulation.
Laws regarding data protection in the EU were written back in 1998 before most people were really using the web.
This set of rules goes into effect on May 25th, 2018 and it will change how citizens in these countries can control their online information.
Website owners and marketers, social media sites and others now have to ask explicit permission to use anyone's data, and it can't be buried in a long single stream of legalese that no one will read.
It also allows individual to request access to certain types of data a site may have stored and even request that all prior data be removed.
Why does it matter?
Technically anyone with a website that citizens of the EU Nations have access to is required to comply with the regulation. Now if you're not marketing to, or selling to them, then you won't likely have legal trouble from the new rules.
If you are doing business with any EU country you should take a close look at how the regulation affects how you conduct business online. While no one know when serious enforcement will begin, fines can be very large.
Talking to your legal council and web development team would be a good idea.