Does the GDPR apply to small business? And should you care?
Put simply, it probably does! And yes, you absolutely should care!
The EU’s Privacy law (GDPR) has been in force since 25 May 2018, and applies to all businesses (irrespective of size) if any one of the following apply:
You only need to meet one of these requirements for GDPR to apply to your business.
And the business should care, or at least it should care, for a number of reasons. Firstly, customers prefer to deal with companies that respect their privacy and their data so without complying the business is likely to lose customers, and secondly, if the business does not comply the business is exposed to fines of up to €20m or 4% of global group turnover, whichever is the higher. Worse still, the EU privacy regulator could order the business to stop processing any EU personal data immediately.
If your business doesn't have a presence in the EU but does offer goods and services to individuals in the EU or monitors their behaviour then Art 27 of GDPR requires you to appoint a GDPR Representative in the EU. For additional information please read the article What is a GDPR Representative and when do I need one .
If your business requires an Art 27 GDPR Representative, select the plan that fits your business size to start your 30 day free trial.
30 day free trial
Access to all features
No credit card required to trial
No obligation to continue after your free trial
Flat monthly fees, no hidden costs or long term subscriptions
Owner, with no employees
1 to 10 employees
11 to 50 employees
51 to 250 employees
over 250 employees