What Is GDPR: 5 Things Every Store Owner Should Know

Reading Time: 4 minutes
What is GDPR

If you run an e-commerce store, that means you’re already plenty busy. SEO, social, design. You don’t need another item for the to-do list. So let me apologise right away for adding one. It’s just that, well, GDPR is too important to ignore.

Did you hear of GDPR? If you haven’t, chances are you will soon.

In this article I will explain:

  • What this GDPR thing actually is
  • What it means for you and your store
  • How you can capitalise on GDPR

So, first things first. What is GDPR?

GDPR is short for General Data Protection Regulation. It’s 88 pages and 50,000 words long, and I thought it’d be a good idea just to go ahead. GDPR is Europe’s big new data protection regulation. GDPR took effect in May 2018, and it creates rules for how all European residents’ data must be handled. And in some very real ways, it reshapes what it means to do e-commerce in Europe.

Now, GDPR is not a tech document. In fact, e-commerce is only discussed once. And that’s in a footnote. And call it “electronic commerce.” It is less of a digital playbook than a statement on fundamental rights. That’s how you get stuff like;

“The processing of personal data should be designed to serve mankind.”

But while you’re serving mankind, you also need to serve your customers. So let’s get familiar with what GDPR means for you.

Regardless of where you are based (US, Canada, Germany, Japan, wherever), GDPR applies to everyone who offers products or services to consumers in Europe. So if your e-commerce shop is available in Europe, you have to comply with GDPR.

Europe accounts for about 25% of global GDP, so it’s not a market you should ignore. And that means can’t ignore GDPR, either.

Let’s look at 5 things that every store owner should know about GDPR.

1. Consent Is King

Being GDPR compliant means, you can’t assume what your users want. For example, GDPR says;

“Silence, pre-ticked boxes or inactivity should not constitute consent.

That means you should avoid stuff like this.

2. Only Collect Data That You Need

The heart of GDPR is protecting people’s data. You can limit your exposure to new rules and regulations simply by not collecting data that you don’t need. If there is no business value in knowing, say, what company your customer works for, then GDPR gives you an incentive not even to ask.

If you’re not going to use the information, then don’t ask for it. And if you are going to use it, be really clear about what you’ll use it for.

For example, sometimes you’ll see checkout pages that ask for a shopper’s phone number. Store owners need to ask themselves, “What am I going to use this person’s phone number for?” There are definitely legit reasons to ask for a phone number. Could be for SMS campaigns, or as a safeguard against fraudulent orders.

Shopify’s fraud detection flags orders if the shipping address and IP address are in different locations, and then use the phone number to protect consumers and get confirmation. That’s fine as far as GDPR goes. Just make sure that you explain this stuff in your terms and conditions and privacy policy.

What Is GDPR: 5 Things Every Store Owner Should Know

3. Make Everything Really Clear

Regulators in charge of GDPR compliance love transparency. You could put an “unsubscribe” link on your website next to “subscribe.” You could link directly to your terms and conditions and privacy policy from your footer. Putting all of this stuff out in the open is one of the simplest ways to protect yourself from concerns about GDPR compliance.

4. Don’t Do Sneaky Stuff

Speaking of out in the open, don’t do sneaky stuff. For e-commerce store owners, so much of GDPR boils down to simply not being sneaky. If you are honest and transparent and implementing best practices, then you probably won’t have regulators knocking on your door.

5. Keep Selling In Europe

The European Union is not trying to shut down online stores. So, even if GDPR seems a bit old school, it’s not part of some coordinated effort to sink e-commerce. Which means you can and should sell in Europe! Especially if you’re a dropshipper.

After all, European markets have a lot of English speakers to reach with ads, plus shipping from Chinese suppliers to European markets is cheap and relatively fast. GDPR isn’t just rules and headaches. It’s a huge opportunity: European customers will like you more if you are GDPR compliant.

Data privacy is kind of a big deal in Europe. That’s why European companies from every sector use data protection and data privacy as a selling point, and store owners can do the same.

what is gdpr edeka

Here, for example, is the homepage of the German supermarket chain Edeka. When you arrive, you get a heads up that they use cookies, as well as a link to a “Privacy Policy” page – that’s the blue word that says “Datenschutzhinweisen”. This data privacy stuff is WAY bigger than the company logo. It’s front and, and huge Interested customers can also find a large cookies section in the imprint, which also links back to the data privacy section. Topics surrounding GDPR compliance are planted all over the website. Remember: Edeka isn’t a financial institution or a government body. It’s a supermarket, and still, the website is littered with references to data privacy.

Simply put, data privacy and data protection are huge topics in Europe. Sure, some countries require companies to give details about cookies and data protection. But these websites don’t just give details. They show it off. It’s marketing!

European consumers want to feel comfortable about data privacy issues before engaging with a brand and making a purchase. You can leverage these attitudes to grow your e-commerce business.

Let people know that you are GDPR compliant. Make it part of your Terms and Conditions page. Put it in the footer of your emails. Every little bit helps. If you’re GDPR compliant and your competitor isn’t — or even if both of you are GDPR compliant, but you’re the only one who brags about it — then that might be a big selling point in the European market.

5 1 vote
Article Rating
Notify of
Inline Feedbacks
View all comments