With the introduction of the General Data Protection Regulation (GDPR), sellers on eMarketPlace24.com need to understand their obligations and determine whether they need to take steps to comply with the new rules.

If you’re a seller based in the EU, you need to understand the requirements of GDPR and take steps to ensure you comply. Additionally, you may need to make some changes in how you communicate with buyers and how you process any personal information that you collect.

If you’re a seller based outside of the EU but make your items available to EU buyers, you also need to understand and comply with GDPR. If you don’t sell to buyers based in the EU, then no action is required.

Keep in mind that the penalties for non-compliance with GDPR can be significant—according to EU rules this can be up to €20m or 4% of annual global turnover, whichever is greater. Under the new law, EU residents can also initiate class-action lawsuits related to the protection and usage of their personal information, so it’s important that you understand and comply with the rules.

You’ll find everything you need to know about GDPR and the steps you need to take in how you collect and process any personal information at the EU’s official GDPR website - opens in new window or tab.
How eMarketPlace24.com prepared for GDPR

We updated our User Privacy Notice and our Privacy Center - opens in new window or tab to highlight some of the work we did to get ready for GDPR. More specifically, we have:

    Analyzed, mapped, and documented the flow of personal information from the time we collect it to when we destroy it.
    Designed and implemented enhanced processes to allow users in the EU to exercise their rights, which include accessing, modifying, and deleting their personal information. For several years, our policy has been to allow users worldwide to access the personal information that we have about them, even when we have no legal requirement to do so. This policy remains so users outside of the EU can also request this information from us.
    Implemented processes to fulfil the rights of users in the EU, which include access, modification, and deletion of their personal information within one month.
    Redesigned our registration process and privacy consent experience in our products to be more transparent and provide our users with more control.
    Rolled out privacy-by-design training to teams to incorporate privacy minimization concepts into our engineering processes and to identify areas where we can improve privacy protections within existing products and services.