Over the last several weeks you have probably been receiving notifications about privacy policy updates by email and pop-up messages from websites and apps. Why are you receiving these? As of May 25, 2018, the General Data Protection Regulation (GDPR) has gone into effect in the European Union (EU).

The GDPR is a new set of rules and regulations that govern the privacy and security of personal data.

The GDPR is a new set of rules and regulations that govern the privacy and security of personal data. It gives European citizens more control over how their data is processed and used. Any company or organization that uses or holds data on people inside the EU is subject to the new rules, no matter where they are located or conduct business. Not complying with the law can be costly because fines can be up to $20 million euros or 4% of the company's global annual sales whichever is higher.

The GDPR means that a business must obtain explicit opt-in consent before they store or process personal details from Europeans. Europeans can also request that inaccurate information be corrected, download their data, and delete their data.

Unfortunately, these protections don't apply to U.S. citizens. Though some companies may choose to extend these protections in order to simplify compliance with the regulation.

What should you do with these notices? Many of the email notices are just letting you know how they are collecting and using your data. The pop-up notices in apps want you to agree to the changes to the privacy policy and terms and conditions. If you don't accept the changes, you may not be able to continue using the app. Use the tips in "What Should You Look For in a Privacy Policy" to review the policy.

One other impact may be to your email or newsletter subscriptions. Some of these are sending an email asking whether you wish to continue to subscribe. If you don't respond, you will be removed from their subscription list.

Use caution before you input your personal information on a website or an app. Check what information they collect, why they need it, how they will use it and who they will share it with. Also check the permissions an app needs. If you don't like what you read, don't use it.