5 Facts Startups Need to Know About the GDPR

Matt McKenna

Underwriting Manager

Any business that comes in contact with EU citizens will have to follow new rules as of May of this year. The General Data Protection Regulation (GDPR), passed by the EU Parliament in April 2016, directly impacts businesses in the US, EU and elsewhere. Its purpose is to set uniform standards for data protection and prevent businesses from misleading EU citizens about how their data is being used.

Here are 5 facts every startup needs to know to avoid running afoul:

1. Does the GDPR Affect Me?

If your company does business with — or tracks the behavior of — EU citizens, you need to comply. Whether or not you’re located in the EU makes no difference. What matters is whose personal data you are exposed to.

2. What Is “Personal Data” According to the GDPR?

The EU’s definition of “personal data” is broader than those of some US jurisdictions. Here’s how the EU Parliament sees it:

Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

3. What Do I Need to Do to Comply With the GDPR?

You may need to make changes to your contracts and internal processes. You’ll have to formulate a data breach response plan if you don’t have one in place. If you do have one, you may need to update it. Is your customer privacy policy filled with legalese? It’s possible your lawyer will recommend rewriting it. Transparency with users is one of the most important goals of the GDPR.

It can’t hurt to familiarize yourself with the regulation (full text here). Make sure to also take advantage of the FAQ and online resources that the EU has made available. Law firms are publishing compliance checklists which can be a helpful tool.

Most importantly, as with all legal matters, consult your attorney to make sure you’re not breaking any rules.

4. When Is the Deadline to Comply With the GDPR?

The absolute, last-minute deadline is May 25th, 2018. Companies not in compliance on that date could be fined.

5. But…Why Should I?

Fair question. Especially for US-domiciled companies that only have limited exposure to EU citizens, what’s the worst that can happen?

The EU Parliament is taking this new regulation very seriously:

Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements, e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts.
