GDPR Compliance
Pandectes GDPR Compliance helps Shopify Stores comply with the General Data Protection Regulation (GDPR) by scanning them and identifying the cookies and tracking technologies in use. The scan generates a report that classifies these technologies based on regulatory guidelines and provides options for updates to ensure compliance with GDPR.
What is GDPR?
GDPR stands for General Data Protection Regulation. It is a regulation put in place by the European Union (EU) to protect the personal data of individuals within the EU. It went into effect on May 25, 2018, and applies to any company that processes the personal data of EU citizens, regardless of where the company is based. It gives individuals more control over their personal data and how it is used, and it also imposes strict penalties on companies that fail to comply with the regulation.
Shopify is an e-commerce platform that allows businesses to create and run an online store. As a company that processes the personal data of EU citizens, Shopify is required to comply with the GDPR.
However, it is important to note that while Shopify can help with compliance, it is ultimately the responsibility of the merchant to ensure that they are fully compliant with GDPR. They should also consult with legal advisors to ensure that they are taking all necessary steps to protect their customers’ personal data and comply with the regulation.
Who does the GDPR apply to?
The GDPR applies to Stores operating within the EU, EEA, UK, and Switzerland that process personal data and organizations outside the EU, EEA, UK, and Switzerland that offer goods or services to individuals within the EU, EEA, UK and Switzerland.
What happens if I don't comply with the GDPR?
Failing to comply with the General Data Protection Regulation (GDPR) can result in significant fines and penalties. The GDPR gives supervisory authorities the power to impose administrative fines for non-compliance. The fines can be up to 4% of a company’s global annual revenue or €20 million (whichever is greater).
Fines can be imposed for a variety of reasons, including failure to comply with the principles of data protection by design and by default, failure to appoint a Data Protection Officer (DPO), failure to conduct a Data Protection Impact Assessment (DPIA), and failure to report a data breach.
In addition to fines, supervisory authorities can also impose other penalties, such as ordering companies to stop processing personal data, requiring companies to rectify non-compliance, and issuing reprimands.
In some cases, non-compliance with GDPR can also result in legal action being taken against a company by individuals whose personal data has been affected.
It’s important to note that GDPR compliance is not only about avoiding fines and penalties, but also about protecting people’s personal data and respecting their rights.
When will the GDPR go into effect?
The General Data Protection Regulation (GDPR) went into effect on May 25th, 2018.