Even though GDPR technically only applies to data and privacy within the EU (and the personal export of data outside of the EU), most of the companies you’ve subscribed to have some sort of European presence.
This plus the fact that people are much more sensitive about their data privacy these days make it a huge imperative for most companies to become GDPR-compliant and avoid a huge fine (a la Google).
1. Prominently label the section of your policy regarding online tracking, for example: “California Do Not Track Disclosures.”
4. Explain your uses of personally identifiable information beyond what is necessary for fulfilling a customer transaction or for the basic functionality of the website or app.
5. Describe what personally identifiable information you collect from users, how you use it and how long you retain it.
6. Describe the choices a consumer has regarding the collection, use and sharing of his or her personal information.
7. Use plain, straightforward language that avoids legal jargon and use a format that makes the policy readable, such as a layered format. Use graphics or icons instead of text.
That’s it! Even though a lot of people don’t read the fine print, it’s just good ethics to not create overly-complicated policies that could swindle your users/customers.