This post was written by Bryan Seigworth.
On May 25, 2018, the EU General Data Protection Regulation (GDPR) takes effect. The GDPR will impact any US business that (1) collects information directly from EU citizens (e.g., online sales, social media); or (2) processes for an EU-based entity data regarding EU citizens (e.g., data analytics services).
If your business collects or processes data about citizens in the EU, you will need to ensure that your business is GDPR compliant. Fines are steep, and US-based businesses face not only the threat of direct enforcement by EU regulators, but also claims from their EU-based trade partners that suffer losses or penalties arising from GDPR noncompliance.