How to avoid having to comply with irrelevant countries' privacy laws?

Hello.

There are many different privacy laws in different countries, such as APPI in Japan, LGPD in Brazil, PIPEDA in Canada and CCPA in California. But since I am not focusing on selling in more places than Europe, it feels unnecessary to comply with all those laws and to ensure that I am continuing to comply with them. So I tried to block the visitors from the parts of the world which I wasn’t interested in selling to from entering my site by using different apps that would determine the visitors' location by reading their IP address and then block them. But according to my Cookiebot scan report and they themselves, they did all send their information to a country which is GDPR inadequate to send information from EU citizens to, such as the U.S. for example.

So the thing that I wonder from those of you who own a GDPR adequate site is: do you comply with all the other privacy laws from the different countries, or are you managing to block them without sending information (cookie) to a GDPR inadequate country?

I am not totally familiar with what the GDPR really says and how it works. So it may be that I am just asking stupid questions now. :hugs:

Thanks in advance.

Hi @A_R_1 ,

I’m pretty sure - if you’re actually 100% GDPR compliant with your store, you should be good to go almost all over the world :wink:

Compared to other privacy laws the GDPR is pretty strict and covers a lot of the other laws as well.

Nowadays, even though I think the GDPR is a step in the right direction, it’s really hard to obey all of the privacy laws 100%. Especially if you sell in multiple countries. There are just too many third-party tools that will send the visitor’s information all around the world. So you should be very careful in using them.

So my advice is - focus on the country you sell in first. If that’s somewhere in the EU, make sure your store is as GDPR compliant as possible. With the GDPR as a base, there are only a few adjustments (if any) necessary to comply with the other laws as well. You could also use an app like Locksmith to hide certain content from certain visitors. That way you can make sure that, for example, no US visitor can buy from you. But you already mentioned that you use something similar.

Hope this helps!

Best

Mitch


Thanks for your answer. :grinning_face:
So if that’s the case that the GDPR covers a lot, if not everything, in the other privacy laws too, then it sounds like I shouldn’t be able to break any of the other laws if a visitor from another country just would visit my site if I am GDPR compliant, which was a question that I pondered about.

If so then it makes it a lot simpler.

Hi @A_R_1 , what @OS-Mitch suggested is a “safe” solution and can be followed.

Another one is to cover your store with the most well-known data regulations in the countries to which they are applied. For instance, if you check all the privacy apps on the app store, you will see that the majority of them deal with GDPR and some others with CCPA, and a few with additional laws such as LGPD, PIPEDA, APPI, etc. For sure, GDPR is the most strict one, and some others have some special rules as well. So it depends on which countries you are targeting.

Our Pandectes GDPR Compliance app covers all these regulations and gives you the option to make it active only in specific regions where these laws are active.


Ok. Thank you. That should be all I need to know. I am even more sure now on what to do when I have gotten the advice confirmed from you as well.
