Saturday, June 2, 2018

rights and obligations

With the recent implementation of the General Data Protection Regulation (GDPR) or Datenschutz Grundverordnung (DSGVO) and the deadline of May 25, 2018 to get everything up to speed, a lot of panic and heated discussions were on the rise, especially for little businesses such as mine. I made it through and here are my thoughts.

So what is the whole General Data Protection Regulation (GDPR) all about? This is how I see it and translate it into my everyday language - it is a collection of basic EU laws requiring businesses to clearly state what personal data is collected from its customers, how the data is used and how that company safeguards their user's information as well as additional rights of the individual and obligations of the company obtaining data. These regulations not only apply to large companies with an Internet presence within the EU, but also to non-Internet companies, organizations such as dentists, non-profit communities, places of worship, etc. within the EU. Although these laws are written for the EU, they also apply to non-EU entities collecting or processing personal data of individuals from and within the EU. That means, basically every international company or entity outside the EU as well.

Why does this affect me? Because 1) I have a small business. 2) I am a consumer.

So, I have to look at both perspectives here. First of all, as a small business owner, it is my obligation to explain to my "customers and/or website readers" what information is collected, how is it used and safeguarded. I am a simple girl with simple ideas. I only collect personal data from you, when I need to contact you or when you buy a pattern from me. Then I would like to know how to get in touch with you (email address) or where to send your goods (home shipping address). I have no other reason to collect any other type of data from you and will do my best to keep it this simple in the future. I would not and have never sold your information to third parties. 

You can read my complete GDPR (in German) here. An English version will follow as well.

Blogger and Google do, however, collect more information such as your IP address and track your movements with "cookies." Please refer to their data protection policies

After rethinking this entire issue, I have also changed my website and my blog in accordance with 1) the small business owner and 2) the perspective of a customer. Some things have been deleted such as magic buttons from third parties. I was personally unaware that when you had these one your website and blog, they were potentially tracking, collecting and profiling my readers. This was never my intention. I am sorry.

I also do not put Ad Trackers onto my blog. I don't like these pesky pop-up adds when I visit other's sites and refuse to put them on my own site. I only advertise shops and products (with direct links and no tracking options) I truly endorse and stand behind like quilting shops.

All of my purchase buttons and purchasable patterns have been moved to my Etsy shop - easypatchworkSHOP. By doing this, I am unable to see payment information used by a customer such as PayPal address, credit card and bank accounts numbers customers have used. (I once had direct buy PayPal buttons for patterns on my website that were also removed.) 

I will also be deleting ALL of my CRAFTSY patterns those both free and at a low cost fee. (I intend to have new and updated copies uploaded to Etsy one day.) From their privacy policy, it is not clear to me how your data is used. So I decided, I will discontinue the use of that platform. When you download a free pattern on my website, I am not informed of the transaction. My web provider, 1&1 may, however, be collecting this data information without my knowledge. Please refer to their privacy and data collection policy.

Is there anything wrong with companies collecting and tracking your data? Not if you know it and agree it. I think this discussion came about, because no one truly knew what information was being collected and how it was being used. And information is very valuable. I certainly do not want data used to influence me into one direction or another. That's what my husband does. He likes to prep me on decisions months in advance of an actual purchase. I know his strategy and agreed long ago without a disclaimer. : )

With the new regulations, you have the right to be informed about the company's intent and to decline the service or not be tracked. You also have the right to tell the company to remove a comment or content from, or about, you. They have the responsibility to remove it. You have the right to cancel your subscriptions, and they have the obligation to remove your data from their records (as long as it complies with state, federal, EU laws).

I am embracing these new laws. I am happy and grateful for people like Viviane Reding and Jan Phillip Albrecht who highly supported this type of legislation long before I ever thought about it. Thank you!

Read all about the DSGVO in German here. or in English here.

Please feel free to leave a comment. I would really love to hear your thoughts about this. But remember, if you are logged in, you are being tracked. 

Thanks for dropping by!

P.S. {The original post was written two weeks ago and edited after some much needed reflection time. I was basically pretty upset when I found out how much information was being collected on me and my movements within the Internet. Needless to say, I deleted my Facebook account this morning.}