New EU General Data Protection Regulation


#1

Just received this.

Thoughts on how this may affect UK Amazon sales into the EU?

"Next May, a new EU General Data Protection Regulation (GDPR) comes into effect, that will impact any business that stores or processes the data of EU citizens. If you have customers in Europe then you probably have access to their personal data including email addresses and contact details, so you will need to comply with the GDP.

There are three main changes that may apply to ecommerce businesses in the UK:

Extended jurisdiction: The new GDPR will apply to all companies that process the personal data of EU residents, regardless of the company’s location. Processing personal data related to offering goods or services to EU citizens will have to meet these regulations, even if the processing takes place outside of the EU or the business is not established in the EU. Non-EU businesses processing the data of EU citizens will have to appoint a representative to the EU.

Increased penalties: Organisations that breach GDPR can be fined up to a maximum of 4% of their annual global turnover or €20 million (whichever is the biggest amount).

Consent: The request for consent must be given in an intelligible and easily accessible form, with no long and complicated terms and conditions. The purpose of data processing needs to be given in the consent form and it must be as easy to withdraw consent as it is to give it."


#2

Sellers don’t process payment details, nor have access to email addresses and the buyers are “amazon’s customers” according to all the T’s and C’s so this shouldn’t affect sellers at all.


#3

>+“Non-EU businesses processing the data of EU citizens will have to appoint a representative to the EU.”+
>
>+" Increased penalties: Organisations that breach GDPR can be fined up to a maximum of 4% of their annual global turnover or €20 million (whichever is the biggest amount)." +

I wonder how they are going to police that one?

They haven’t manged to stop the Chinese using the ‘CE’ mark under the guise that it stands for ‘Chinese Export’, nor do they seem to able to stop non-EU sellers committing VAT fraud.

And how do they think they are going to get €20 million out of a one-man band?


#4

We do store their contact details though, that’s the bit that’s got me thinking.


#5

I’ve tried to contact Amazon regarding this and everyone I have spoken to has never heard of GDPR before.

Did you manage to find out anything else?


#6

Amazon encrypt our customers’ emails.


#7

Yes but we do have access to buyer’s personal details (address and telephone number) so we are each individually responsible for that data. I’m just wading through all 110 pages of the GDPR now - it’s a minefield


#8

That might put a stop to the pan-European selling :slight_smile:

Or else Amazon will have to do what eBay does and offer a GS programme too.


closed #9

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.