GDPR, an acronym for the General Data Protection Regulation (EU), can affect all merchants. [1] iapp. “The EU General Data Protection Regulation.” Accessed July 23, 2018. You’re probably familiar with the acronym, but what is it? And how does it affect merchants and merchant resellers in the U.S like you?
Key Takeaways:
- The GDPR is a regulation regarding data protection and privacy. To protect EU residents, the regulation outlines new rules for what companies can and cannot do with user data.
- GDPR requires more user consent regarding data.
- These changes apply to all EU organizations regardless of where they do business.
- Organizations outside the EU that intentionally offer goods or services or monitor activities in the EU are also affected.
What Does The GDPR Look Like?
On a basic level, the GDPR requires more user consent regarding data. For instance, to align with the GDPR, websites may choose to include warning messages that say things like, “The following page may track your location if you choose to proceed,” accompanied by a button that says, “Proceed.” These opt-in features allow users to say: “No thanks, I don’t want to share that information,” or “Sure, I’m okay with sharing that information. Let’s move forward.”
How The GDPR Affects Merchants and Merchant Resellers
The GDPR applies to all EU organizations regardless of where they do business. [2]GDPR. “Does the GDPR apply to companies outside of the EU?” Accessed July 23, 2018. U.S. merchants who use or collect data from EU residents are also affected by the GDPR. Likewise, U.S. merchants who intentionally advertise and sell to EU consumers are affected by the GDPR.
According to the Information Commissioner’s Office, an independent authority in the UK, “The GDPR provides the following rights for individuals: [3] Information Commissioner’s Office. “Individual rights – guidance and resources” Accessed July 23, 2018.
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling”
If you are a merchant reseller, you may board web commerce merchants who sell worldwide. These merchants may advertise and sell to EU residents. It’s smart to familiarize yourself with the GDPR in case your merchants ask for information.
Kurv Security and Compliance
As a leading provider of payment processing and merchant services, Kurv is a Level 1 Service Provider.
We achieved our first Payment Card Industry (PCI) Compliance in 2005 and just successfully completed our thirteenth annual assessment.
To stay up-to-date with our evolving industry, we are a long-standing member of the PCI Security Standards Council and members of the Electronic Transactions Association (ETA).
Contact us today to learn more about GDPR and how it affects merchants.
