What Companies are Affected by GDPR

By Marianne Chrisos - Last Updated on June 21, 2018
What Companies are Affected by GDPR

GDPR is an extensive data privacy policy that affects businesses worldwide.

How to find out what companies are affected by GDPR.

The GDPR is short for General Data Protection Regulation, a European security policy that went into effect May 2018. These regulations were created to better protect consumer privacy and ensure better handling of all customer information by companies and businesses. One way the GDPR will impact business is by ensuring stronger consumer consent to share information as well as high fines for businesses who don’t abide by the regulations.


For companies asking, “What does GDPR mean for US companies?” the truth is it will affect most companies. Any company based in the US that has distribution or clientele in Europe must follow the GDPR mandate. Even though this is a European based regulation, it will affect how companies do business globally, as many brands, no matter where they’re located or headquartered, will correspond with or sell to customers all over the world.

What is the Scope of GDPR?

Basically, GDPR says that if you collect personal data or behavioral information from a person in Europe, you are subject to more stringent security and data protection policies. Customers need to consent to have their information collected and used for marketing or business purposes in marketing emails and other online forms. The language of consent must be clear and not ambiguous, as well as easy to find, easy to read, and easy to understand. Customers must also have easy access to privacy policies of a company as well.

What Companies Are Affected By GDPR?

When it comes to how the GDPR will affect U.S. companies, if a U.S. company does business over the web and markets their products or services over the web, there’s a possibility that they’ll be affected by the GDPR rules. Here are some questions to ask to know who is affected by GDPR.

  • Does the business market to customers in the EU? (Generic marketing – like a Google ad found by an EU customer – wouldn’t count, but targeted marketing, like a Facebook ad for European customers would.
  • Does the company have a current customer base in the EU?
  • Does the company have any employees that work in the EU?

If the answer to any of the questions is yes, then the business will likely be affected by these regulations. Additionally, companies that accept payment in Euros will likely be guided by these regulations. Companies that were automatically under GDPR guidelines included EU based businesses in the following industries:

  • Cloud service providers
  • Insurance companies
  • Telecommunication companies
  • E-gaming sites

The GDPR has massive compliance regulations for many businesses, even businesses in the United States. It’s important that businesses that are not yet affected begin thinking about data safety and security protocols now, as the GDPR may be indicative of more regulations to come regarding consumer data. The work to ensure compliance with GDPR is extensive, but commitment to customer data safety and protection is a worthwhile pursuit in this digital age. Has your company been affected by GDPR? Do you believe that more companies will be held to stricter consumer privacy policies down the line?

Marianne Chrisos

Marianne Chrisos | Born in Salem, Massachusetts, growing up outside of Chicago, Illinois, and currently living near Dallas, Texas, Marianne is a content writer at a company near Dallas and contributing writer around the internet. She earned her master's degree in Writing and Publishing from DePaul University in Chicago and has worked in publishing, advertising, digital marketing, and content strategy.

Marianne Chrisos

Marianne Chrisos | Born in Salem, Massachusetts, growing up outside of Chicago, Illinois, and currently living near Dallas, Texas, Marianne is a content writer at a c...

Related Posts