Over 55% of all mobile apps may still not be compatible with the new European GDPR regulations, according to a new SafeDK Data Trends Report

If you have a number of apps in app stores, you’re already plenty busy with social media, design, updates, optimization and so on, and you don’t need another item for the to-do list. So let me apologize right away for adding one. GDPR is too important to ignore.

If you haven’t, chances are you will soon.

What is GDPR?

GDPR is short for General Data Protection Regulation. It’s only 88 pages and 50,000 words long, and I thought it’d be a good idea to elaborate on each page. Then I realized 88 is too many pages.

Nevertheless, GDPR is Europe’s big new data protection regulation. GDPR will take effect on 25th May 2018 and it creates rules for how all European residents’ data must be handled. And in some very real ways, it reshapes what it means to develop apps in Europe. Now, GDPR is not a tech document. GDPR is less of a digital playbook than a statement on fundamental rights. So let’s get familiar with what GDPR means for you.

Does location matter?

Regardless of where you are based—US, Canada, Germany, Japan, wherever—GDPR applies to everyone who offers products or services to consumers in Europe.

So if your app is available in Europe, you have to comply with GDPR. Europe accounts for about 25% of global GDP, so it’s not a market you should ignore. And that means you can’t ignore GDPR, either. Let’s look at 5 things that every store owner should know about GDPR.

1. Consent is king

Being GDPR compliant means you can’t assume what your users want. For example, GDPR says, quote, “Silence, pre-ticked boxes or inactivity should not constitute consent.” That means you should avoid stuff like this

2. Only collect data that you need

The heart of GDPR is protecting people’s data. You can limit your exposure to new rules and regulations simply by not collecting data that you don’t need. If there is no business value in knowing, say, what company your customer works for, then GDPR gives you an incentive to not even ask. If you’re not going to use the information, then don’t ask for it. And if you are going to use it, be really clear about what you’ll use it for.

For example, you’ll occasionally see checkout pages that ask for the buyer’s mobile number. Store owners need to ask themselves, “What am I going to use this person’s phone number for?” There are definitely legit reasons to ask for a phone number: you are running an SMS campaign, or you want to avert fraudulent orders.

Shopify’s fraud detection detects orders whose shipping address and IP address are in different locations, and then uses the phone number to protect consumers and get confirmation. That’s fine as far as GDPR goes. Just make sure that you explain this stuff in your terms and conditions and privacy policy.

3. Make everything really clear

Regulators in charge of GDPR compliance love transparency. You could put an “unsubscribe” link on your app next to “subscribe.” You could link directly to your terms and conditions and privacy policy from the app’s ‘hamburger’ menu. By taking the above measures and making the privacy policy as open as possible, you can protect the app from the concerns that GDPR compliance raises.

4. Don’t do sneaky stuff

For app owners, so much of GDPR boils down to simply not being sneaky. If you are honest and transparent and implement best practices, then you probably won’t have regulators knocking on your door.

5. Be an optimist and keep developing for Europe

The European Union is not trying to shut down your app, and you should continue with your mobile app development efforts, but with some caution. So, even if GDPR seems a bit old school, it’s not part of some coordinated effort to kill your app.

Which means you can and should do app business in Europe! After all, European markets have a lot of English speakers to reach with ads, plus shipping products from Chinese suppliers to European markets is cheap and relatively fast.

GDPR isn’t just rules and headaches. This is the big opportunity: European customers will love you more if you’re GDPR compliant. Unlike the customers in the US, they take their privacy seriously.

Data Privacy in Europe

Data privacy is kind of a big deal in Europe. That’s why European companies from every sector use data protection and data privacy as a selling point, and app publishers can follow the trail. Take, for example, the homepage of the German supermarket chain Edeka.

When you arrive, you get a heads up that they use cookies, as well as a link to a “Privacy Policy”. This data privacy stuff is way bigger than the company logo. It’s back and forth, and interested visitors can find an enormous cookies section in the inscription, which links to the data privacy section.

Topics surrounding GDPR compliance are planted all over the website. Remember, Edeka isn’t a financial institution or a government body. It’s a supermarket, and still, the website is littered with references to data privacy.

Simply put, data privacy and data protection are huge topics in Europe. Sure, some countries require companies to give details about cookies and data protection. But these websites don’t just give details. They show it off.

It’s a medium of marketing!

European customers are paranoid about their privacy, particularly when it comes to engaging with foreign brands and making online purchases. You can leverage these trends to improve business from your app.

Advertise the fact that your app is GDPR compliant. Centre your app’s Terms and Conditions page around GDPR. Add it to the footer of your emails. Every little bit helps.

If you’re GDPR compliant but your competitor is not, or if you and your competitor are both GDPR compliant but you’re the only one who boasts about it, then that might be a big selling point in the European market.