What Is General Data Protection Regulation 2018, (GDPR)?

Last Update: June 29, 2018

The General Data Protection Regulation (GDPR) is a new European Union law that will go into effect in May 2018 to regulate the processing of personal data in connection with commercial activities.

Should I be concerned with Greneral Data Protection Regulation (GDPR)?

No, I do not! Because it does not apply to me as a small business owner.

However, Carson, Kyle and Wealthy Affiliate are different. They do not meet any of the exceptions.

It is amazing to see how internet marketing has created so many fears and anxiety amount small business owners, including people in the Wealthy Affiliate Community. I just don’t understand why people believe in an online PR stunt, when they can just visit the EU commission to read the regulation itself.

Here, you can read it from the EU: https://ec.europa.eu/info/law/law-topic/data-protection_en

I wasn’t planning to write this post today until this morning while watching CBS this morning. Do you know what I saw on the news that I think small business owners should be more concerned than GDPR? The end of Net Neutrality! Yes, today. This means internet company can implement special price for content providers. This will affect your pocket more than GDPR. Guess what? Nobody cares! Because no internet marketing hypes, that is why.

How I approach GDPR?

Unlike the general public, I was trained to approach a new piece of legislation by looking at the shortest section, the exceptions to the rule. If I can find an exception, I put the legislation back on the shelf until the next time. I will also write this post looking at the exceptions.

Recently, I read an article that told small business owners: “it is better off to implement GDPR than relying on the exceptions.” Lol. Then they asked business owners to register for their GDPR expert compliant audit, got to love these marketers.

So, what are exceptions under GDPR?

  • It only applies to processing data related to commercial activities.

Nothing to explain here.

  • The processed data must be personal data. GDPR defines personal data “as information that relates to an identified or identifiable living individual.”

Here you can read about it: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en#examples-of-personal-data

This means collecting email alone does not fall under the regulation. It only applies if the email is like this firs.last@company.com with this email you can identify the person, but an email tq123@gmail.com is not considered personal data.

To me, if you are just collecting email alone, it does not fall under general data protection regulation (GDPR), unless, you collect name and address.

  • Let’s look at Small Business exception. Article 30, business under 250 employees.

You can read it here: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/application-regulation/who-does-data-protection-law-apply_en

This exception does not apply if “processing personal data is a core part of your business and your activity does create risks for individuals.” I am not going into the legal interpretation of this language, because I believe it does not apply to anyone here in WA.

Collecting email alone does not fall under GDPR. It must be more. Visit the EU page and read some examples they have put up. You will get a clear picture of GDPR. Ignore the internet PR is just going to confuse you more.

Let me be honest with everyone here in the Wealthy Affiliate Community, I don’t believe the EU Commission can enforce the regulation on every business worldwide. This is just comment senses.

There are more exceptions, but I will not go into it. I think these exceptions cover also everyone here in WA. I encourage you to visit the EU commission website to read it for yourself.

Lastly, please do not believe in anyone calls themselves expert on GDPR. I can tell you this, it is a scam, because GDPR has not even implemented. Even the EU Commission does not have a clear understanding of how this regulation will be enforced. You will also have the court systems worldwide to deal with. I don’t understand how can someone claim as an expert when the law has not even implemented? Most of the stuff online are individual opinions and guesses, including my blog here. If you decide to hire one of these experts, ask the expert to give you a guarantee of protection from GDPR to see how they answer.

This is my opinion and it is not intended as a legal advice or will this establish any attorney client relationship. You are encouraged to contact your own attorney to address your specific situation.


Join the Discussion
Write something…
Recent messages
RAFStuart Premium
Hi I cannot agree with the comments passed, have been involved in this via my role with the Royal British Legion, as I am the Chairman of the Membership Handbook Committee, I have a duty to ensure that the correct information appears there and is correct. In fairness a senior member of staff has done it for me!

Regarding small business owners, I understand that on the capture page we will be obliged to put in on the block for emails and name, a note which states that the person submitting the details does/does not wish for further contact.

I have seen this in writing, will try and collect more over the coming days.

This legislation only applies to great Britain and Europe.
OnlineBzDog Premium
Thank you for contributing your thought. The requirement you mention has nothing to do with GDPR. The GDPR addresses the issues of protecting personal data, not how to collect personal data.

I am looking forward to your finding to learn more.

Thank you.
RAFStuart Premium
Whilst I take your point, if we are collecting personal data, then we must be able to keep it safely, if the person giving us the information, wishes us to keep it, hence the option box. Would you not agree!
OnlineBzDog Premium
Yes, If you are in the business collecting personal data, you have to provide the customer with this option that what GDPR requires. No matter the size of your business.

However, GDPR does not require you to collect personal data. This is why they go to great length with explaining what is personal data and what is not.
MozMary Premium Plus
aha, so my inbox is filling up right now from shops who have my delivery address - I think you explained why it's them and not everyone else...woops, hold on, personal data includes names!
dbriley Premium
Thanks for the information
pitofly Premium
Thank You for deciphering the new regulations and sharing with us.
StevenRinker Premium
Makes total sense to me. Thanks for the clear and concise explanation.
Steven-A Premium
thanks for making this so understandable. great work.