Skip to content

GDPR Explained: What Ecommerce Store Owners Should Know

Video transcript: If you run an ecommerce store that means you’re already plenty busy, SEO, social design, you don’t need another item for the to-do list. So let me apologize right away for adding one. It’s just that, well, GDPR is too important to ignore. Hey everyone, and welcome to […]

Oberlo on YouTube

Video transcript: If you run an ecommerce store that means you’re already plenty busy, SEO, social design, you don’t need another item for the to-do list. So let me apologize right away for adding one. It’s just that, well, GDPR is too important to ignore.

Hey everyone, and welcome to the Oberlo YouTube channel, where we dig into all things drop shipping and ecommerce. I’m David and today we’re talking about GDPR. You heard of it? If not, chances are you will soon.

In this video, we’ll go over exactly what this GDPR thing is. We’ll explain what it means for you in your store. And finally, we’ll wrap up by looking at how you can capitalize on GDPR. So stick with us til the end to see how GDPR can be your marketing tool.

Start selling online now with Shopify

Start your free trial

What Does GDPR Mean?

A laptop with GDPR icon

GDPR is short for General Data Protection Regulation, it’s 88 pages and 50000 words long, and we thought it’d be a good idea to just go ahead and read it through so that there’s no confusion about… No? I’d already printed… Okay, apparently reading it wouldn’t make for good YouTube. So let’s just say that GDPR is Europe’s big new data protection regulation as of May 2018, It creates rules for how all European residents data must be handled, and in some very real ways, it re-shapes what it means to do ecommerce in Europe.

→ Click Here to Launch Your Online Business with Shopify

Now, GDPR is not a tech document, at all. In fact, ecommerce is only discussed once, and that’s in a footnote, and they call it electronic commerce. GDPR is less of a digital playbook than a statement on fundamental rights. That’s how you get stuff like: “the processing of personal data should be designed to serve mankind, but while you’re serving mankind, you also need to serve your customers.” So let’s get familiar with what GDPR means for you.

Regardless of where you’re based, US, Canada, Germany, Japan, wherever, GDPR applies to anyone who offers products or services to consumers in Europe. Okay then, so if your ecommerce shop is available in Europe, you have to comply with GDPR, Europe accounts for about 25 percent of global GDP, so it’s not a market you should ignore, and that means you can’t ignore GDPR either.

Let’s look at five things every store owner should know about GDPR.

Being GDPR compliant means you can’t assume what your users want. For example, GDPR says “silence pre-ticked boxes or inactivity should not constitute consents.

2. Only Collect Data That You Need

The heart of GDPR is protecting people’s data, and you can limit your exposure to new rules and regulations simply by not collecting data that you don’t need, if there’s no business value in knowing say, what company your customer works for, the GDPR gives you an incentive to not even ask. If you’re not going to use the information, then don’t get it, and if you are going to use it, be really clear about what you’re going to use it for. For example, sometimes you’ll see check out pages that ask for a Shoppers phone number, store owners need to ask themselves, “What am I going to do with this person’s phone number?”

A black surface with question marks scattered over it

There are definitely legit reasons to ask for a phone number, could be for SMS campaigns or as a safeguard against fraudulent orders. Shopify’s fraud detection flags orders if the shipping address and IP address are in different locations, and then uses the phone number to protect consumers and get confirmation, that’s fine, as far as GDPR goes. Just make sure that you explain this stuff in your terms and conditions and privacy policy.

3. Make Everything Really Clear

Regulators in charge of GDPR compliance love transparency. You could put an unsubscribe link on your website next to subscribe, you could link directly to your terms and conditions in your privacy policy from the footer, putting all this stuff out in the open is one of the simplest ways to protect yourself from concerns about GDPR compliance.

4. Don’t Do Sneaky Stuff

Speaking of out in the open, sneaky stuff is a no, no. For ecommerce store-owners, so much of GDPR boils down to simply, not being sneaky. If you’re honest and transparent and implementing best practices, then you probably won’t have regulators knocking on your door.

A man holds his hands up in surprise

5. Keep Selling in Europe

The European Union is not trying to shut down online stores. So even if GDPR seems a bit old school, it’s not part of some coordinated effort to sink ecommerce, which means you can and should sell in Europe, especially if you’re a dropshipper. After all, European markets have a lot of English speakers to reach with ads, plus shipping from Chinese suppliers to European markets is cheap and fast. If you want to learn more about drop shipping internationally click this YouTube card.

Are There Benefits to Being GDPR Compliant?

Big time. GDPR isn’t just rules and headaches, it’s a huge opportunity. European customers will like you more if you are GDPR compliant. Data privacy is kind of a big deal in Europe, that’s why European companies from every sector use data protection and data privacy as selling points, and store owners like you can do the same.

Here for example, is the home page of the German supermarket chain Edeka. When you arrive, you get a heads up that they use cookies as well as a link to a privacy policy page. That’s the blue word here that says “Datenschutzhinweisen.” This data privacy stuff is way bigger than the company logo, it’s front and center and huge. Interested customers can also find a massive cookies section in the imprint, which also links back to the data privacy section. Topics surrounding GDPR Compliance are planted all over the website. And remember, Edeka isn’t a financial institution or a government body, it’s a supermarket, and still the website is littered with references to data privacy. Simply put, these are huge topics in Europe. Sure, some countries require companies to give details about cookies and data protection, but these websites aren’t just getting details, they’re showing off. This is marketing.

GDPR compliant homepage for Edeka supermarket

The GDPR Bottom Line

European consumers want to feel comfortable about data privacy issues before engaging with a brand and making a purchase. You can leverage these attitudes to grow your ecommerce business. Let people know that you’re GDPR compliant. Make GDPR part of your terms and conditions page, put it in the footer of your emails, every little bit helps. If you are GDPR compliant and your competition isn’t, or both of you are GDPR compliant but you’re the only one who brags about it, then that might be a big selling point in the European market.

Alright, that’s enough from us today. What about you, what are you doing to get ready for GDPR? Let us know what GDPR compliance looks like from where you’re sitting. We’re posting videos every week, so be sure to subscribe to the Oberlo YouTube channel to get a heads up when we release something new. Thanks so much for watching. We’ll see you next week, in the meantime, learn often, market better, and sell more.

Start selling online now with Shopify

Start your free trial

Want to Learn More?