There is no official GDPR legislation in the U.S., but there may as well be and online credit card processing merchants should especially pay attention. In fact, online merchants should conduct business as if there is GDPR legislation in the states. Frankly, we think it’s coming, and it’s already starting at the state level: California’s Consumer Privacy Act goes live beginning Jan. 1, 2020.
Recently, California Congressman Ro Khanna drafted a list of 10 guidelines for protecting consumer data, which he hopes morphs into an internet ‘Bill of Rights,’ of sorts. We fully believe more states will follow (if not the Federal Government), and that the issue of consumer data protection will be a political tool, especially with mid-term elections forthcoming.
Rep. Khanna’s proposal piqued our collective interest here at Instabill. For example, like any business, we regularly receive unsolicited e-mails, particularly those inviting us to exhibit at trade shows to which we’ve never been and have little or no interest. Additionally, several times each week, we receive sales pitches from companies to which we have no connection. It has led us to believe that somewhere there is the unauthorized trade of personal information taking place.
The days of such information trading are coming to a close.
What is the GDPR? A refresher…
The General Data Protection Regulation (GDPR), that went into effect May 25, 2018, is a set of rules comprised by the European Parliament that gives EU consumers more power and protection over their personal data. Businesses and organizations, particularly those in online credit card processing, not only must obtain consumer personal data legally, but safeguard it or face substantial fines.
While the GDPR is a European mandate, compliance does not stop at the European borders. The GDPR applies to anyone doing business with an EU member, including those who have customers within the EU. And that not only means thousands of corporations around the world, but, for example, an online merchant in the U.S. selling t-shirts to European consumers.
For our industry, we think it’s the right path to take.
Highlights of Rep. Khanna’s ‘Internet Bill of Rights’
Among the highlights of Rep. Khanna’s principles that directly affect merchants include:
- For consumers to have the right to know exactly for what and why the merchant is using their data.
- The right for opt-in consent to the collection of consumer personal data (where the consumer gives the organization permission to have their personal data).
- The right to be adequately notified when a data breach occurs (two thirds of all data breaches happen to small businesses).
- The right to assuredness that the organization that possesses consumer data is in good standing and has good business practices.
Online credit card processing merchants new priority
So where do merchants come in?
The best credit card processing merchants we know (many who process transactions through Instabill) are excellent communicators: they maintain contact with their customer base through e-mail, with the best intentions.
Contact with customers must be taken more seriously in this climate. There are merchants who send receipt e-mails, requests to review products on Google or Facebook, and to opt in for the company/product newsletter, all good practices that are encouraged. Receipt e-mails, we feel, supersede privacy regulations, of course. Tactics, however, such as soliciting positive reviews and sending promotional e-mails are to be handled delicately.
We strongly recommend giving customers the option on a checkout page to opt in for newsletters or company news. Many merchants prefer to have opt-in boxes readily checked on a checkout page, automatically adding the customer to the distribution list which, in our opinion, sends mixed signals.
Online credit card processing with Instabill
Instabill has offered the best online services for credit card processing merchants since 2001, the dawn of online shopping, and has stood the test of time. Our merchant account managers prefer to have a conversation with prospective merchants and, upon an approval, remain with our merchant partners as consultants for the life of the merchant account contract.
Have that conversation today at 1-800-530-2444.