The EU’s General Data Protection Regulation (GDPR) comes into force on May 25th, 2018. Since the law has become topical at many e-commerce companies, we would like to give you a brief overview of the regulation and its implementation at Spreadshirt (should you also have a European account).
The Regulation is designed to protect personal data whenever this data is processed by private companies and public authorities. In EU countries, it largely replaces the national provisions on data protection that are currently in place.
A summary of the regulations can, for example, be found here:
Implementation at Spreadshirt
We’ve been busy implementing the new requirements of the GDPR for quite a while. Some of the changes have taken place in the background, i.e. the redesign of the records of processing activities or the update of data processing contracts with our service providers. Certain changes are somewhat more visible, such as the adjustment of our data privacy statement on Spreadshirt’s online privacy policy.
Do I need an additional contract with Spreadshirt?
From our point of view, a contract for data processing between Spreadshirt and a Shop Owner or Marketplace Designer is not necessary. We are contractual partners of our customers, meaning you can give your attention entirely to creating designs and running your Shop. In principle, Spreadshirt oversees the purpose and means of data processing on Spreadshirt’s Marketplace and Spreadshirt’s Shops.
Implication for Marketplace Designers
There will be no changes for Marketplace Designers. We are adapting the privacy policy on Spreadshirt’s websites and will continue to take care of its design.
Implication for Shop Owners
We will also adapt the corresponding texts for Spreadshirt Shops. The site notice and privacy policy are linked in the footer of each Shop. The privacy policy also contains sections on Google Analytics and Facebook Pixel, which are integrated into the Shop by the operator.
It is important that this information is always available and never hidden.
If you have integrated your Spreadshirt Shop to another website, there are several things you should keep in mind:
To keep your Shop’s legal information (e.g. the imprint, the terms and conditions and the privacy policy) up-to-date, please don’t save this information elsewhere on your website.
In addition to the information provided by us, independent legal information from you (site notice, privacy policy, etc.) may also be required in relation to content and marketing activities on your website that are provided or engaged in independently. The amount of necessary information expressly depends on the individual case, which is why we cannot (and should not) give any kind of recommendation.
We would like to refer you to a few more pages specific to the requirements of th GDPR:
- https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
- https://termsfeed.com/privacy-policy/generator/
- http://www.osborneclarke.com/insights/infographic-are-you-ready-for-gdpr-compliance/
If you have more profound and far-reaching questions about the requirements for your website(s), we recommend involving an experienced lawyer (e.g. a specialist lawyer for IT law) or an external data protection officer.
We hope we’ve been able to shed light on these important changes. Do you have any questions or thoughts about data protection? Please let us know in the comments!
wpDiscuz