The European Union adopted the General Data Protection Regulation (GDPR) in April 2016 and allowed a two year period for companies to become complaint with the new, more stringent rule and regulations. May 25, 2018 is the big date to remember–it’s the day the GDPR becomes enforceable. There is no grace period after this date. In fact, there’s a big countdown clock on the GDPR website, and as of the publishing of this blog, there are just over 100 days left to become compliant.
Welcome to part three of our GDPR Basics blog series. We previously covered who must comply with the GDPR, and what you need to know about acquiring and tracking consent, and now we’re diving into the “where.” Oh where, oh where have the simpler times gone! The days where the internet was a party trick and privacy was something you gained when you’d close your blinds. While I can’t answer those questions I can answer a few other “where” related questions.
Clickwrap agreements are a simple and streamlined method of presenting legal terms. From an eCommerce or SaaS perspective, presenting legal terms as a clickwrap agreement during a customer’s purchase flow makes perfect sense. Customers fill their shopping cart, proceed to checkout, click to agree to legal terms (that they probably didn’t read) and the order is fulfilled.
What’s a safe way to ensure that clickwrap agreements are valid and enforceable? Learn from companies like Safeway. In 2011, Safeway quietly updated its terms and services to reflect the difference between its delivery and in-store prices. The problem? When a company updates its terms of service, it's making a new offer to its users, which requires acceptance.