Something I get asked pretty regularly is whether GDPR applies to someone’s business in South Africa. With that in mind, I’ve put together a quick flowchart to help in identifying this.
A Branch in the EU
If you have a branch, offices, or employees in the EU, then it is highly likely that the GDPR applies to you and your business.
Processing Information of EU Residents
If you are doing any sort of processing of data belonging to EU residents, then you are likely to need to comply with GDPR. Note that I’m stating residents here, this does not necessarily mean citizens, it’s anyone residing in the EU. If you have South African clients that have relocated to the EU temporarily, there’s a good chance GDPR applies to you.
Offering Services or Goods to EU Residents
This is an easy one on the surface to say “no” to, however the definition of this goes to the extent of looking at your website or pricing. If you offer your website in a translated form to an EU language other than English, you are seen to be targeting the region. Similarly, if you offer pricing in euros, you are also seen to be targeting the region and GDPR therefore applies!
Monitoring Behaviour of people in the EU
Again, this one is simple on the surface to say “no” to, however there is a likelihood that your website will land you into saying “yes” here. If you use any information to build a profile of an individual – and this could be from cookies or Google Analytics – you are monitoring behaviour. If those visitors to your site are from the EU, there is a high likelihood that you will need to comply.
GDPR is incredibly hard to avoid in this day and age of global economy and business. Complying with the regulation need not be a chore, and can be seen to have numerous other benefits for your business. As a South African business, you will have to comply with POPIA soon, which has about an 80% overlap with GDPR. If you start your compliance with one, you are very likely to cover most of your compliance for the other. We at Ross G Saunders Consulting offer compliance services in conjunction with leading associates in the field. Contact us today to find out how we can help you make compliance easier without losing your own resources to the exercise.