GDPR is a new European Union data privacy law (short for the General Data Protection Regulation) that goes into effect on May 25, 2018. Its purpose is to create a harmonized data privacy law across all the EU member states. As a small business owner, if you email EU subscribers, you must take steps to comply with the new regulations or face stiff fines.
If you use Constant Contact as your email service provider, rest assured, the company is certified under the EU-US and Swiss-US Privacy Shields and transfer and protect the personal data from the EU and Switzerland consistent with the requirements of the Privacy Shield program, governed by the Federal Trade Commission and approved by the EU Commission.
If you do not provide goods or services to EU there is nothing you need to do. This IS a good time to review how you obtain subscribers to your mailing list and how you communicate to your subscribers what information you collect.
Read more about steps recommended by Constant Contact and what they are doing to make sure you are compliant:
Liz Provo, Mass Marketing Resources.