Does the new EU data protection law apply to you?
The European Union General Data Protection Regulation (the GDPR) applies from 25 May 2018.
It applies to Australian businesses regardless of size that
- have an office in the EU
- have a website which targets EU customers for example by enabling them to order goods or services in a European language (other than English) or enabling payment in
euros - website mentions customers or users in the EU
- tracks individuals in the EU on the internet and uses data processing techniques to profile individuals to analyse and predict personal preferences, behaviours and attitudes.
If that is you a good place to start is the Australian Government, Department of Australian Information Commissioner Privacy business resource 21
Fines can range from up to €20 million or 4 per cent of annual worldwide turnover, (whichever is higher). So it is worth making sure whether you comply or not.
Remember, ignorance is no excuse.