Please note that this blog post is for informational purposes only, it should not be construed as legal advice. Any questions about how the GDPR impacts your business should be directed to a competent professional adviser.
As I’m sure you are aware the GDPR becomes law on May 25th 2018.
The purpose of this legislation is to harmonize data privacy laws across Europe and to give individuals more rights, control and understanding of how their personal data is processed.
I have seen a lot of misinformation about the GDPR circulating online (often with the intention of frightening small business owners into buying products that are supposed to take care of the GDPR for you) so I decided to share the action I have taken to protect my business based on my personal research.
If you are operating a business that uses personal data from EU based consumers – whether or not your business is based in the EU – there are various actions that you must take to be compliant with the new regulations.
So, for example you are based in the United States and you operate an Etsy shop that fulfills orders from EU based buyers – the name and address information you receive in order to fulfill those orders is covered by the GDPR.
Your EU buyer has a right to know how their personal data is being used, they also have the right to make changes to their personal data, request copies of their personal data or request that their data be deleted entirely from your records.
You are obliged under the regulations to document a process for EU consumers to make such requests and then communicate it though your public facing privacy policy.
If you have’t created a privacy policy before don’t worry – Etsy have put together a comprehensive guide – “How to write on-point privacy policies” which uses a sample privacy policy taken from a real seller’s shop as the basis for a step by step guide to creating your own.
I used this sample policy as the basis for my own which I then simply added to the newly updated ‘privacy’ section in my shop policies.
Your obligations under the GDPR if you use email marketing in your business
If you are using email marketing in your business you have some additional obligations which are explained in this useful 5 point checklist produced by AWeber.
AWeber have also published an article called “6 Myths about the GDPR and Email Marketing Debunked” which I found very helpful and reassuring.
 | Want 5 easy side hustles? Get your FREE guide: "5 Easy Etsy Product Lines You Can Do Right Now!" |
.jpg)
Try as I may I cannot update my privacy setting…. I go to settings on my ETSY account then options scroll to the bottom where it says modify privacy settings
but all I get is a pop up from etsy also at the side of the Privacy Settings link is what looks like a closed padlock any ideas how to update as you have done???
Thanks for your question Terry!
I received an email from Etsy about this with a link that takes you straight to your policies section;
https://etsy.me/2IQLES3