• Startups
  • May 04, 2018

What does the GDPR mean for American companies?

By Lawbite Team

Talk to a Lawyer Free Legal Help
The General Data Protection Regulation (GDPR) came into force across the EU last year and became directly applicable in all EU member states without the need for local implementation. This will also affect the US market and American businesses are furiously working towards compliance!

They have physically established presence in the EU, regardless of whether the processing takes place in the EU, including branches, representatives, subsidiaries, affiliates or agents;

They offer goods or services to individuals and businesses, based in the EU (whether free or paid) including websites and other online services accessed by or targeting EU based individuals or businesses, particularly in the country’s native language; or
 They monitor EU residents’ behaviour, including internet-based online behavioural advertising or profiling activities.
 EU residents’ behaviour, including internet-based online behavioural advertising or profiling activities.
Global and US-based organisations must assess whether the GDPR is applicable to their data processing operations. This includes the analysis of an organisation’s business activities and processing of personal data in that respect, looking at various process flows, including by type of data subject - customers, suppliers, third parties, such as sub-processors, employees, marketing lists and others.

“Personal data” is very widely defined under the GDPR and examples include names, email addresses, telephone numbers, financial and payment details, location data and IP address, amongst others. Broadly, if you can trace an individual from data, it means you are dealing with personal data. Examples of “processing” of personal data include collection, recording, organisation, storing, retrieving, using, disclosing or deleting.

If data processing activities of an American or global business fall within the scope of the GDPR, the business will need to invest both time and funds to have the right documents in place, including policies, privacy notices and contractual provisions.

In addition, the appointment of a Data Protection Officer may be necessary, as well as internal training to management and staff and changes to existing procedures and systems.

The consequences of non-compliance with GDPR will likely make a significant impact on any business and include:

Up to 10 million Euros or 2% of annual worldwide turnover, whichever is greater, for breaches of (mainly) record keeping, contracting and security clauses;
Up to 20 million Euros or 4% of annual worldwide turnover, whichever is greater, for breaches of (mainly) basic principles, data subject access requests, transfer to third countries and non-compliance with an ICO order (in the UK);
Management time for internal investigations and cooperation with the authorities; and
Damage to reputation
 
    
Although the GDPR compliance deadline is fast approaching it’s not too late! To consult with LawBite’s GDPR lawyer Alla Fairbrother, please submit an enquiry for a free 15-minute consultation or call our dedicated GDPR Hotline 0845 241 1843.

We have also put together a special LawBite Rescue GDPR Package for clients who need a little extra last-minute help with compliance. In addition to 12 GDPR compliant templates the package contains a 30-minute GDPR audit consultation and 2 hours of specific GDPR legal advice for only £495 + VAT (versus £675 + VAT).

If you haven’t yet, please do take advantage of our next FREE GDPR Webinar on the 9th May at 12 pm you can register here.


In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.

Related Articles

Read more of our latest blog posts, featuring all the latest legal news, analysis and opinion from our expert lawyers.

blog image
  • By Lawbite Team
  • March 16, 2021
10 Steps every Start Up must take to avoid Legal 'Bear Traps'

Every start-up business needs the law. Unfortunately, many cut corners or worse still, ignore the legal side of their business all together. Here's...


Startups
blog image
  • By Lawbite Team
  • November 16, 2020
ICO Fines - Not Just Big Companies Under Scrutiny on GDPR

The supervisory authority for GDPR compliance, the Information Commissioner's Office (ICO), has recently published its decision to fine British Air...


Gdpr
blog image
  • By Lawbite Team
  • March 26, 2020
COVID-19: Remote working and protecting personal data

Many businesses have needed to adapt and embrace remote working. For many, this can raise new working practices and question how data is managed wi...


Gdpr, Coronavirus

LawBite can help you

LawBite is on a mission to provide business legal advice that is easier to access, clearer to understand and much cheaper. Our on-line legal advice platform can quickly connect you with expert business legal advice. Our friendly, highly qualified business lawyers, solicitors and mediators will give you the guidance and reassurance that comes from customised legal advice for small and medium sized business.

Whether you are bringing or defending a legal claim, outsourcing work, want a business contract review to ward off disagreements, talk to an expert trademark lawyer, resolve a contractual dispute with methods like mediation and arbitration, or getting your new company set up and on the right footing with a robust shareholder agreement and GDPR standards, we can help you succeed.

defend a claim

Talk to a Lawyer

Book a Call
defend a claim

Essentials Plan