What Is GDPR and What It Means for Your Store
[This post doesn’t constitute legal advice. If you want advice on what your business needs to do to be GDPR compliant, you should consult a lawyer.]
The General Data Protection Regulation (GDPR) is a data privacy law in the European Union that protects EU individuals’ personal data. It comes into effect on May 25th, 2018, and it’s going to impact all businesses that operate in and have ties to the EU.
Why should you care? Because you don’t have to be located in the EU to fall under this regulation. Even if you’re a US-based business, you need to pay attention to the GDPR if you have customers in the EU.
These are sweeping new regulations, so do your part as a business owner to stay informed. Start your research with this post! It goes over what exactly the GDPR is, how it affects online stores, and what we’re doing at Printful to protect your data.
The main goal of the GDPR is to foster trust between consumers and businesses. It gives EU citizens (referred to as data subjects) more control over how their personal data is used. And it requires that businesses are transparent about how they use collected data.
In the context of GDPR, personal data refers to any information that can be traced to an identifiable person. That can include their name, email address, IP address, etc.
The GDPR comprises a long list of rules and regulations. Its legalese doesn’t exactly make for the most exciting read, so we broke down its basic principles.
Under the GDPR, data subjects are granted:
Under the GDPR, businesses must:
The GDPR will push all companies with business activity in the EU to think more carefully about their customers, their privacy, and overall user experience. They need to obtain consent from their data subjects and be transparent about how personal data is used.
These are the strictest privacy regulations in the world, and penalties are big. Businesses that don’t comply can be fined up to €20 million or 4% of their global revenue, whichever is greater.
The European Commission believes that maintaining higher standards across the continent – and building trust with consumers – will help grow the digital economy in the long run.
The right to privacy is extremely important in Europe. The first data protection law was passed in Sweden in the 1970s. Europe has had some form of privacy law in place since then. The most comprehensive privacy law up until now was passed in 1995 – the European Data Protection Directive.
Because the digital economy is growing and the means of data collection and processing have changed drastically since 1995, the European Commission recognized that it was time for an updated privacy law that works with today’s digital landscape.
The GDPR is now the strictest, most encompassing privacy regulation that exists today. We don’t know its full impact, but chances are it will set the bar high for other countries to follow.
Even if you’re not physically operating your business in the EU, the GDPR affects your online store if you have customers in the EU. That’s because you’re handling the data of EU citizens and you’re responsible for keeping it safe.
You should talk to a lawyer to learn specifically what your business needs to do to comply with the GDPR.
One element you may need to think about as a Printful customer is your privacy policy. If you’re working with Printful (or any other third party) to fulfill your orders, you’re passing along your customers’ data to another company. Under the GDPR, this may be something you should disclose to your customers in the EU.
And if you don’t have any customers in the EU?
It’s still a good idea to take an interest in the GDPR. These are the world’s strictest privacy regulations, so if you comply with them, it lets your customers all over the world know that their data is safe. It helps build trust with your customers if they know you take their privacy seriously.
Printful has always taken data security seriously. Now with the GDPR, we’re implementing more internal policies and security measures to comply. Here’s what we’ve been up to:
We’re also upholding the same security standards for all of our customers, whether they’re located in the EU or elsewhere.
To learn more about the GDPR and the steps you can take to comply today, check out this guide to GDPR basics.
The GDPR is coming fast – it’ll be here before you know it. So it’s time to plan what your business needs to be compliant. Remember, even if you’re not physically located in the EU, the GDPR applies to you if you have customers there. Talk to a lawyer to learn your specific obligations!
Nora Inveiss
Nora has been part of the Printful team since 2015. She has spent the last several years writing content, coordinating communications projects, and helping customers learn about ecommerce. Now as Printful's Brand Manager, she gets to use her experience and knowledge in new and challenging ways.