More companies announce GDPR compliance efforts as the deadline for enforcement looms
Google Analytics, MailChimp and Squarespace are the latest large enterprises to announce GDPR updates and tools.
With a little less than two months until the General Data Protection Regulation (GDPR) — a sweeping set of European Union (EU) rules that govern the handling of EU citizens’ data — goes into effect, we’re seeing a steady stream of larger companies announcing compliance initiatives and tools. The law will be enforceable starting May 25, 2018.
New tools for Google Analytics users
In a letter sent to administrators last week, Google Analytics announced it was adding two new GDPR-compliance tools to its current data privacy and security features and policies.
- Granular data retention controls that allow users to set specific deletion dates for user and event data.
- User deletion tool for site owners to permanently delete data associated with a specific site visitor.
The company also announced updates, including:
- Contractual language that makes it clear that Google Analytics is a data processor, not a controller.
- Updates to its EU User Consent Policy to reflect new legal requirements, including how to make disclosures and obtain consent from end users of your sites and apps in the European Economic Area (EEA).
Squarespace’s Irish entity to service non-US users
The company told its users this week that after May 14, EU site managers would be serviced by Squarespace Ireland Limited.
The company said the move is “in recognition of the global nature of our user base.” Non-US users will hold a Terms of Service agreement with Squarespace Ireland and US users with the New York-based Squarespace, Inc.
MailChimp adds GDPR-friendly forms
Last week, MailChimp announced updates to its signup forms to help its users comply with rules about gathering consent. The new forms have checkboxes for opt-in consent and include editable sections where users can explain how and why the collected data will be used.
The company also included a step-by-step primer on how to use the forms to gather consent in compliance with GDPR.