FastSpring’s full-service ecommerce platform is fully compliant with the EU General Data Protection Regulation.
In May 2018, the EU General Data Protection Regulation (GDPR) went into effect. The GDPR is a European regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
What does the GDPR do?
This regulation enhances the data privacy protections for European Union citizens and is a mandatory requirement for any company with access to personal data of EU citizens. If your company is conducting business with EU residents, your ecommerce platform must be GDPR compliant.
What are the goals of the GDPR?
One of the aims of the GDPR is to harmonize and bring data privacy laws across Europe up to speed with the rapid technological change of the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.
Who does the GDPR affect?
GDPR compliance is different for every company and depends on, among other factors, company size, the types and amount of data it processes, and its current security and privacy measures. The GDPR will apply not only to organizations located within the EU, but also to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, EU data subjects.
Under the GDPR, businesses:
What Constitutes Personal Data?
Personal data is any information related to a natural person, or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, or bank details to posts on social networking websites, medical information, or a computer IP address.
Protecting Your Personal Data
Personal data plays a huge part in society and the economy. It is essential that people have, and know they have, control and clarity over how their data is used, that they are protected by any organization they interact with, and that organizations are given clear guidelines to protect all personal data.
FastSpring Compliance with the GDPR
FastSpring is fully compliant with the EU General Data Protection Regulation. Our ecommerce platform is capable of conducting business with all EU-based customers online store. FastSpring also complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.
The way consumers think about their personal data is changing and evolving. Businesses are being held accountable for keeping up with emerging trends and regulation.
There has been a 42% increase in the number of internet users worldwide. Our in-house Data Protection Officer, Matt Loos, reviews the General Data Protection Regulation.
Although FastSpring is fully compliant with GDPR requirements, your company may have separate obligations under the GDPR, and FastSpring cannot provide legal advice on this or other subjects.
Any business that collects or receives customer data from contacts in the EU is responsible for complying with GDPR and protecting customer data. We strongly encourage you to familiarize yourself with the new regulation and prepare for implementation. Information is available at gdpr-info.eu, nibusinessinfo.co.uk, and eugdpr.org.