In this article, we list the key reasons why having a privacy and data protection policy early in the life of your startup is a good idea.
Your business model must fit privacy laws
Data protection laws will not go away and dreaming of a tech wonderland where online community is self-regulated won’t help.
True, some jurisdictions’ privacy laws such as the US might be easier to comply with than others say those of the EU. However, with more countries across the globe adopting EU-style strict privacy laws, it is getting increasingly difficult to ignore them.
Investors might not be as brave as you might be
You might be brave enough to risk privacy infringements in order to pursue your innovative business model or technology. But investors might not be impressed.
This should not surprise you. You cannot expect anyone to spend millions on something that breaches the law and can, according to the new EU General Data Protection Regulation (GDPR), result in a penalty of up to 4 % of the company’s total worldwide annual turnover.
No data protection, no B2B transactions
GDPR pretty much established extraterritorial jurisdiction over foreign companies whose business comprises collecting data from European citizens. Yet startups based outside Europe might still be relaxed if they lack any physical presence in the EU: how would they ever catch us?
Yet this perspective changes fundamentally if your game is business-to-business. European businesses must abide by the EU data protection laws and cannot share their customers’ data with companies who do not comply with the same rules.