Here are some questions to determine if your dealership is subject to the European General Data Protection Regulation (GDPR). Remember that individuals working for a European embassy are in European Union (EU) territory…
- Does your business process or control the handling of personal data gathered from people when they are in the EU? “Processing” includes activities such as collecting, recording, organization, structuring, storage, retrieval, use or dissemination.
- Does your business process personal data gathered by people anywhere in the world (including the United States) through an arrangement with a controller or processor in or affiliated with an entity in the EU?
- Does your business engage in activity through “stable arrangements” with entities or people in the EU? Examples of stable arrangements are the following: renting a post office box, establishing a bank account, or engaging an independent contractor who acts as your business representative.
- Does your business envisage offering goods or services to people in the EU (even if not requiring payment) in that it orients its offering of goods or services toward the EU? Examples include mentioning EU (Embassy) customers on its website, allowing payment in an EU currency, presenting the website or other content in an EU language other than English.
- Does your business’ website or apps place cookies on the computers or devices of people who track the devices’ use while in the EU, particularly for analyzing or predicting his or her personal preferences, behaviors and attitudes?
If the answers to any of these questions is yes, or if you have questions about how the GDPR might apply to your dealership, call the WANADA office at (202) 237-7200.Download Bulletin PDF