Last week, we reported that Many Companies Remain Unready for GDPR. And now, we study how companies must respond to GDPR (the General Data Protection Regulation) by May 25, 2018. Just 17 days from today.
In this post, we look at what companies must do. And we show what a global firm — Google — is doing.
How Companies Must Respond to GDPR
According to Adam Satariano, writing for the New York Times:
“The law requires that terms and conditions be written in plain, understandable language, not legalese. Also, firms must give you options to block information from being gathered. If you live in a European Union member states, one change you may welcome. You are likely to see fewer shoe or appliance ads that follow you around the Internet after your online shopping.” [And keep in mind that GDPR affects firms doing any online business in the EU, even if based elsewhere. Thus, U.S. firms operating online in the EU must comply.]
“The new law requires transparency about how your data are handled. And to get your permission before starting to use the data. It raises the legal bar that firms must clear to target ads based on personal data about your relationship status, job or education, or your use of Web sites and apps.”
Important Google Updates About the General Data Protection Regulation (GDPR)
U.S.-based Google has been sending this E-mail to comply with GDPR. Note the word “mandatory” below the message. “You have received this mandatory email service announcement to update you about important changes to your Google product or account.”
Google also offers compliance tips for publishers and advertisers at this site.