On May 25th, the EU will start enforcing the GDPR (General Data Protection Regulation), which is a set of rules that serves to provide stricter protections for data privacy of individuals residing in the EU. As part of this, there are also new guidelines for the collection of consumer data. You’ve likely noticed a lot of companies updating their privacy policies as of late, Monsoon included, so you can bet that this has something to do with it.
What’s important to note here is that the regulations apply to any company that stores or processes personal data of an individual residing in the EU, not just to companies based in the EU. So if you are a US-based company and store or process personal data on individuals in the UK or EU, you’re also subject to the regulations.
While we’re not lawyers here and Monsoon can’t advise specifically on how to comply, we do think it’s important to provide you with access to information so that you can be better informed. Here are some helpful links:
ICO.org.uk - This is the website for the Information Commissioner’s Office and is your most thorough resource about the specifics behind the GDPR, including a preparation guide.
Amazon Seller Forum - Here you can read what other Amazon sellers are saying about the GDPR requirements. There is also an example of how one seller has chosen to update their own privacy policies.
Again, we can’t advise on your specific responsibilities for compliance, but want to make sure you have access to relevant information. This is new territory for all of us (marketplaces included) and still in flux, so we will try to keep you in the loop as we learn more about it. But we strongly suggest that you consult with people who are knowledgeable about this topic and take any action that may be required on your end.