Understanding the EU Online Privacy Regulations
The EU General Data Protection Regulation (GDPR) sets a high standard for how websites process visitors' personal data. It applies to many websites, even those not based in the EU. As long as your website has visitors from the EU, the law applies to you, whether they interact with your website or not.
The GDPR requires visitors to give express consent if you want to collect personal data that isn't essential for you to collect. For example, if a customer places an order to be shipped to them, you would have to get their address to mail the order. This is a legitimate, necessary reason to collect information. You must ask customers to give express consent to use tracking or advertising cookies, since these cookies don't directly benefit the visitor.
If you want to use cookies, you have to give customers a choice to accept them or not. You can't use cookies by default and then let visitors opt out. The language must be clear, and visitors must have the option to learn more about why and how your website uses cookies. Publishers cannot urge a visitor to accept cookies; they can only offer a choice. Most publishers include a link to a Cookie Policy page to provide detailed information.
You can generate a cookie consent banner for your website online, which helps ensure it meets the GDPR requirements. Failure to meet GDPR requirements can result in fines of up to 20 million euros (about 24 million USD). Fines are based on the severity of the violation and how much damage it did to consumers. It's unlikely a cookie policy violation would incur such a large fine, but there would be some type of economic penalty. France fined Google €60 million for cookie violations on Google.fr. The number of people affected was high, and Google certainly had the resources to ensure it was following the regulation to the letter. For more information, see https://i.redd.it/hiiuon05ojg61.png.