NRF, the world’s largest retail trade association, and EuroCommerce, the principal European organization representing the retail and wholesale sector, came to the agreement during the first two days of meetings in Brussels.
NRF and EuroCommerce member companies, U.S. government and EU officials, European-based retailers and EuroCommerce met to discuss a wide range of issues impacting the retail industry, including data portability, consumers’ “right to erasure” under the General Data Protection Regulation (GDPR) to have their data removed, gaining data subjects’ consent, profiling and dealing with data breaches.
“Today’s successful discussions between U.S. and European retailers have resulted in an agreement to work together on a unified retail industry approach to implementation of the new EU regulations on protecting personal data,” said NRF President and CEO Matthew Shay. “This cooperative effort will help retailers on both sides of the Atlantic prepare their businesses for implementation of the regulations with a retail-specific approach that continues the seamless operations and personalized shopping experiences our customers expect.”
The GDPR, adopted by the European Parliament and Council in April 2016, will implement changes to almost every area of customer data processing. Once it goes into full effect in May 2018, retailers with storefronts, websites, mobile apps and other digital platforms serving customers will face new compliance standards, additional administrative burdens and liability for violations, as well as more stringent enforcement penalties.
“We are delighted to have been able to cement our already close relationship with NRF with this agreement,” said Christian Verschueren, director general of EuroCommerce. “Consumers want confidence that their data is being treated with care and protected by those holding it. By working together, we are looking to ensure that we can implement the regulations in a way [that] serves all of our customers’ interests. We hope that our transatlantic cooperation can pave the way for a global approach that serves both the privacy concerns of citizens and the competitiveness of [the] industry.”