Small Business Tax Center
Small Business Ideas, Grants &
Plans to Start & Run a Business:

Small Business Grants
Network in Cyberschmooz Community Ask Questions Questions and Answers Share Tips Small Business Ideas List Your Business Business Advice from Idea Cafe Experts Coffee Talk with Experts Starting A Business Business Plan Biz Planning | Sample Plans Small Business Ideas Idea Name Your Biz Name Plan Your Biz Plan Financing $ Starting a Business Do It! Running your Business Marketing Tips Promotional Merchandise Marketing Tips Marketing | Sales | Customers Human Resources HR | Employees | Contractors Legal Forms & Tax Information Legal | Biz Forms Managing a Business Managing | Operations
Financing Resources Financing Your Business E Commerce & Webhosting eCommerce Take Out Info Trade Publications FREE Trade Publications Business Books Biz Books Your Own Business Small Business News Small Biz News Gen X Biz Gen X Biz Work at Home Work @ Home Business Information The Fridge - Biz Info on Ice Destress Send Awards Send Awards & Greetings Yoga At Your Desk Yoga @ Your Desk Fun Guide Guide to Find FUN Online About Idea Cafe Press Idea Cafe has received Idea Cafe in the News Idea Cafe's Kudos Kudos for Idea Cafe Advertise on Idea Cafe Advertise on Idea Cafe Privacy Policy Privacy Policy Contact Idea Cafe Contact Idea Cafe Link to Idea Cafe Link to/from Idea Cafe Join Idea Cafe
Search Idea Cafe Site Directory Site Map Online directory to business resources Biz Web Guide

Expert Answers to Biz Questions

Listen in! Pick up some expert advice to a reader's question that we selected from CyberSchmooz.

color business bar

GDPR - What do Small Business Owners Need to Know?


If you’ve been paying attention to the world of online data regulation recently then you’ve probably heard of the upcoming General Data Protection Regulation (GDPR). This wide-ranging regulation, for those unaware, aims to enable the better personal data protection of all European Union residents and visitors. This means that every website or business based in the EU, and all of those who interact with the EU, are required to adhere to strict rules governing what data is stored and which safety measures need to be put in place.

In this article we’ll go over a few of the key points to help small business owners get prepared for these upcoming regulations.

What Does Your Business Fall Under?

There are two main roles which we will be looking at when it comes to your exact method of dealing with data under GDPR. These are Data Controller and Data Processor. A Data Controller, in this context, refers to any entity which itself determines the purpose and means of processing personal information and data. This includes companies which collect personal data from its employees and businesses which require online user payments. If your business engages in any similar activities then you will be affected by this regulation. A more direct example would be a business which sells online if you are either located within the EU or can do business with anyone in the EU.

A Data Processor, according to the GDPR, is an entity which deals with processing data on behalf of the Data Controller. This includes those companies which process data like payment information which is passed to them by Data Controllers, such as payroll companies which process employee paychecks. Simply put – if your organization is handed the personal data of people in the EU, then you will be affected by this new regulation.

Global Influence

Many people have trouble with the fact that the GDPR will require a global effort. Remember – it deals with anyone who traffics in some way with personal data of EU residents, regardless of where that company is itself located. This means anything international, from the US and beyond, and so it is much further reaching than many realize. A simple mistake to make, but one which should be understood.

What Can You Do?

The specifics of these changes can take a while to implement, given that the GDPR includes 99 articles detailing data protection and enforcement rules. GDPR, however, is set to come into effect on May 25, 2018, and there are hefty fines for those not ready.

In terms of data protection, we can narrow the articles down to a couple of most relevant sections:

  • Data Protection by Design and Default – Article 25

According to this article, all data controllers must ensure both that personal data cannot be attributed to an identified or identifiable data subject, and that the only data which can be collected is that necessary for a specific, identifiable purpose.

  • Security of Data Processing - Article 32

In this article, the GDPR states that both data controllers and processors must implement measures which allow for the encryption or hiding of personal data, maintaining ongoing integrity and confidentiality, the restoration of availability post-breach, and testing of the involved systems.

This should give you an indication of the changes you might be expected to make.


Small Business Tax CenterIdea Cafe HomeSign UpBiz Grant CenterCyberSchmoozCoffee Talk with ExpertsPeople in Biz ProfilesStarting Your BizBiz PlanningRunning Your BizFREE Trade PublicationsMarketingFinancing Your BizHuman ResourcesLegal & Biz FormsManaging Your BizeCommerceYou and Your BizGen XWork@HomeThe FridgeDe-StressSend an AwardSend an eGreetingYoga @ Your DeskWeb GuideIdea Cafe in the NewsAbout Idea CafeAdvertise on Idea CafeContact UsPrivacy PolicySite MapSmall Biz News

Copyright 1995-2024, Idea Cafe Inc. Downloads are for personal use only, not for resale to others, and may not be reprinted in any form without written permission from Idea Cafe Inc.

DISCLAIMER: We hope whatever you find on this site is helpful, but be cautioned that it may not apply to your own situation, or be totally current at any given time. Idea Cafe Inc. and all of its current and past experts, sponsors, advertisers, agents, contractors and advisors disclaim all warranties with regard to anything found anywhere on this family of websites, quoted from, or sent from Idea Cafe. and its related sites, publications and companies. We also take no responsibility for comments published by others on these pages.

TRADEMARKS: The following are Registered Trademarks or Servicemarks of DevStart, Inc.: Idea Cafe®, Online Coffee Break®, The Small Business Gathering Place®, Take out Info®, Biz Bar & Grill®, Complaint-O-Meter®, A Fun Approach to Serious Business™, CyberSchmooz™, and BizCafe™.