undefined | Better HN

0 pointstchock237y ago0 comments

Thank you for perfectly describing the frustrations I have experienced with GDPR. As the owner of a small SaaS business in the US I don't have the time to follow various EU regulations that closely.

I only found out about GDPR earlier this year from a random HN comment. I can't understand the attitude from some HN commenters that everyone should have known about this for years. Where/how should every small business that could be impacted by this regulation be notified?

As you noted, the regulation is readable, but verbose and frustratingly vague. I ended up reading most of it along with countless articles from various third parties debating what it means and how to comply - and I'm still not 100% certain if the steps I've taken mean I'm actually "GDPR compliant."

I too got stuck having to comply since around 30% of my customers are in the EU. However, I gladly would have foregone all of that revenue and focused on non-EU customers only if I had known what was coming back then...

0 comments

kimi7y ago

Nobody actually knows what "GDPR compliant" means. As it's up to you to demonstrate, and it's up to your regulator to decide a policy enforcement guideline, basically nobody knows. It's really, really, really burdensome, especially if you have to retrofit it to existing systems.

orwin7y ago

You know what? i'm pretty sure you can just talk to one of the european regulator in advance and ask him questions about points you don't understand. They are pretty slow but they do respond.

j / k navigate · click thread line to collapse