I’m sure many of you, like us, were caught by surprise when GDPR rolled out. In a nutshell, the EU approved a set of laws to protect user personal data, and set a deadline for 5/25/2018. By that date, any company or website serving EU customers would have to be in line with their requirements.
The most relevant requirements were:
Full disclosure about cookies and website tracking in place.
The ability to request the deletion of all your PII (personal identifyable information) from all company databases.
The ability to request what data had been collected and how it was being used.
Explicit permission to send emails or serve retargeting ads.
For many companies, including ours, this required us to re-do everything.
For example, even though we had a voluntary email subscribe on our blog, we didn’t have a record/log of the customers agreeing to receive marketing emails, so we literally had to email everyone before GDPR to ask for permission. Obviously, we lost about 90% of our leads.