GDPR basics for marketplace sellers: don’t panic.
We’ve had a fair few enquiries from Tamebay readers who are curious about GDPR basics and the new regulations soon coming into force about information storage.
GDPR? That’s the new EU regulation code coming into power on 26th May 2018 regarding how organisations hold personal data. Brexit may be coming but until the end of 2020 all businesses are subject to EU law and so GDPR is real. But the realistic view must be that any responsible business isn’t at risk. If you’ve been playing fair and legal so far, you’re likely fine. But that doesn’t mean we shouldn’t also be aware of the new rules and review the situation.
GDPR stands for General Data Protection Regulation and you can find out more from the official website here. And as they say:
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.
– GDPR portal
Marketplace sellers and GDPR basics
Any information that you use during your regular every day trading on marketplaces such as eBay, Amazon and Etsy and the rest, such as buyer addresses, names and what little payment data too is not your responsibility. That all falls under the purview of the marketplaces who have a responsibility to comply too.
But if you do keep customer data in your own right, perhaps meaning email lists or customer data bases, you’ll find this post useful: 4 simple measures to meet your GDPR obligations. The responsibilities are not terribly onerous if your business is sensible and decent about how you deal with data already. But you may be on the borderline. And in that case please do seek out legal advice to ensure you comply.
For more information beyond the GDPR basics, it is also worth checking out the the official website of the Information Commissioner’s Office (ICO). And you can find the chapter and verse of all that here.
Honest marketplace sellers, by the way, really don’t have anything much to fear. Just familiarise yourself with the new rules and relax when you realise you’re already compliant. Are you relaxed about GDPR?
GDPR is to be effective in all of EU, including UK, from May 25th, NOT 26th as stated in your second para above (like it says on the keyboard too!)
My company is thinking about investing in an email tool that messages the customer automatically through Amazon/eBay to ask for feedback and reviews.
On the one hand, I wouldn’t think this is an issue, considering the fact that we won’t use the customer’s proper email address, on the other hand, we are emailing them without their consent, as I believe Amazon classes these emails as non-essential.
Are they all okay because they are within Amazon/eBay or will this have to stop without getting consent?
If anyone has any advice, it would be appreciated.
Personally I believe that usage is okay under gdpr, so long as you don’t store the details of buyers, but already contradicts eBay and Amazon terms.
That said, many already do it despite the terms, whether you wish to take that risk is up to you, knowingly breaching their terms means you don’t have a leg to stand on if eBay picks up on your using a bot.