This Is Why Your Inbox Is Flooded With All Those Privacy Policy Emails

In the last few weeks, consumers across the globe have been receiving a steady stream of emails from businesses alerting them to changes in their company’s online privacy policies.

The action marks their compliance with the European Union’s General Data Protection Regulation, a framework that safeguards citizens’ privacy in the EU and goes into effect today — and the likely reason you’re hearing from these brands and retailers all at the same time.

Adopted in April 2016, the GDPR requires companies to have a legal basis for collecting consumers’ personal data, including what they’re using the information for, how long they’re retaining it and what other parties or firms might be receiving that information. The objective is to create transparency between companies and users, and those that fail to abide by the GDPR can face fines of up to 4 percent of their global annual revenue or 20 million euros ($23 million), whichever is higher.

However, it’s not just affecting EU member states; all American companies that process EU citizens’ data are also impacted, which explains why your inbox has recently been accumulating privacy policy updates from U.S.-headquartered businesses such as ride-sharing app Uber, music streaming service Spotify and apparel brand Everlane, for example.

A number of companies, according to industry experts, are not prepared to meet the GDPR deadline.

Want more?

How Footwear Brands Can Get Ready for GDPR

How to Keep Your Information Safe After the Saks, Lord & Taylor, Under Armour Data Hacks

Mobile Shopping Is Retail’s Biggest Traffic Driver, According to a Salesforce Report

Access exclusive content