GDPR Compliance for Small Businesses: What You Need to Know

The GDPR will apply to small businesses located in the US because the internet creates a global marketplace. As such, small businesses can take easy steps to protect themselves from GDPR scrutiny. This checklist was created to help small businesses ensure GDPR compliance or take steps to cut ties with foreign countries so as to evade GDPR scrutiny. However, if your business is or could be subject to the GDPR, we advise you to consult a local attorney to ensure compliance.

  • The GDPR only applies to entities which control or process data obtained from EU residents.

  • Are you collecting information on EU residents or merely EU citizens?

  • What information are you collecting?

  • Does your website provide a notice to users about the data it collects and how it will be used?

  • Do you provide a mechanism for the user to consent to the use of his/her personal information?

  • Do you provide a check box for a user to consent?

  • What happens if a user denies the request to collect user information?

  • If you are not doing these activities, or already have mechanisms in place to protect user data in the way outlined above, then you are likely going to be in compliance with the GDPR. If you determine that you are not in compliance with the GDPR and think you may be subject to its jurisdiction, then contact an attorney for further compliance suggestions.

