The General Data Protection Regulation (GDPR) standardizes data protection law across the entire European Union (EU) and European Economic Area (EEA) to better protect users’  personal data and digital privacy. The regulation went into effect on May 25, 2018. The GDPR applies to any business, regardless of location, that offers products or services to citizens of the EU and/or has web traffic from the EU. 

Important highlights from this new regulation:

Many of these conditions can be met with a thorough and clear privacy notice.

Checkmark icon

Your terms and conditions must be concise, transparent and easily accessible to visitors to notify them of your data collection.

Shield icon

Proper Design
The GDPR requires companies to initially and purposefully design their systems with the proper security protocols. If you fail to design your data collection systems correctly, your organization could receive a fine.

Book icon

Right to Data Access
Site visitors have the right to request their data profile. If they do so, you must provide a complete and free electronic copy of the data that you’ve collected on them and how you’ve used it.

Trash icon

Right to Data Deletion
After someone receives this data, he or she has the right to request that it is totally erased.

Person icon

Potential Data Protection Officers
Depending on the size of your organization and how you currently collect and use digital data, you may need to appoint a data protection officer (DPO).

How does this fit into my Idea Kraft website?

Idea Kraft is owned in the United States and therefore does not automatically build to GDPR compliance. While our clients are solely responsible for complying with GDPR standards, we are happy to help with the process. If you’re interested in taking additional steps to meet this EU regulation, please contact