Self storage marketers continue to see an increase in online leasing and transactions, which also leads to the need to better understand data privacy. In May 2018, the European Union enacted the General Data Protection Regulation (GDPR), which fundamentally changed the way data is handled across every sector of business. A similar federal law doesn’t exist in the United States yet, but adjusting your data storage practices now may help your company avoid a bigger problem down the road.

Why Data Privacy Matters to Self Storage Marketers

Self storage marketers must focus on data privacy as their facilities continue to do more online leasing. When a customer leases a storage unit online, they provide quite a bit of personal data including their address, phone number, and credit card information. Self storage facilities that offer online leasing need to stay current on the latest changes in data privacy laws in order to be compliant when the inevitable legislation reaches the United States. Businesses located in California should begin their preparations now, as the state recently passed one of the most sweeping privacy laws in the country – it goes into effect on January 1, 2020.

GDPR Overview

The E.U. enacted the GDPR to create more consistent protection for consumer and personal data across their member states. The GDPR imposes a uniform data security law on all members and has a global impact as the regulations apply to any company marketing goods and services to residents in Europe, regardless of location. The GDPR requires:

  • Consent of subject for data processing
  • Provide data breach notifications
  • Safe handling of the transfer of data across borders
  • Making collected data anonymous to protect privacy
  • Certain companies must appoint data protection officers to oversee GDPR compliance

Penalties for non-compliance have increased from the E.U.’s formerly enacted Data Protection Directive. Companies may be audited and investigated to ensure compliance. Some companies may be required to erase data and others may be blocked from transferring data to other countries. If your website collects regulated data from European users, your business will have to ensure it complies with GDPR privacy regulations.

The Future of Data Privacy in the U.S.

By enacting the GDPR, American data privacy comes into the spotlight. Currently, the United States does not have federal data privacy legislation. In light of GDPR, individual states have instituted laws of their own in order to implement more stringent data protection measures. In June 2018, The California Consumer Protection Act passed and it will be the strongest privacy legislation enacted by any state in the U.S. The act goes into effect in 2020 and represents one of the most sweeping acts of legislation in the U.S. to support consumer privacy. Highlights of the Act include:

  • Businesses that collect personal information must disclose the types of data collected in a clear privacy policy on their website
  • Businesses must provide information about collected data from an individual upon request from the consumer
  • Consumers may request that personal information be deleted by the business, with exceptions
  • Businesses must provide equal service and pricing to consumers, even if they exercise their privacy rights under the act

The California Consumer Protection Act should have far-reaching effects on data privacy in the United States with major technology companies, including Facebook and Google, based in the state. Experts predict other states to follow the charge being led by California in the coming years. By taking proactive steps now, self storage marketers can better protect their customers and will be prepared for future changes to data privacy regulation in the U.S.

How to Prepare for the Future of Data Privacy

With the enactment of the GDPR and the CCPA, change will come to the United States sooner than you think. We stress the importance of preparing for the future of data privacy, especially as facilities continue to gather personal data through online leasing. Here’s how we suggest preparing for the future of data privacy:

  • Consider how you would fulfill requests for access and deletion of personal data
  • Complete an audit of the way your company collects and stores the personal information of your customers
  • Review your website privacy policy to make sure there aren’t any red flags for consumers who will be increasingly aware of data privacy moving forward
  • Get ahead of potential federal or state-specific legislation by familiarizing yourself with the requirements of the GDPR and CCPA

By making efforts now to ensure your company is compliant with the strict requirements of GDPR and CCPA, you can likely avoid potential penalties down the road.

For more information on the latest industry news, download G5’s Self Storage State of the Industry report for the first half of 2019.