AP — Lisa Meyer’s hair salon is a cozy place where her mother serves homemade macaroons, children climb on chairs and customers chat above the whirr of hairdryers.
Most of the time Meyer is focused on hairstyles, color trends and keeping up with appointments. But now she’s worried about how the European Union’s new data protection law will affect her business as she contacts customers to seek permission to store their details.
Even though she supports the law, Meyer fears it may cut her mailing list by 90 percent as people choose to withhold their data or simply overlook her emails.
“It will be difficult to market upcoming events,” she said at her shop, Lisa Hauck Hair & Beauty in London.
Businesses from pizza parlors to airlines across the EU’s 28 countries are bombarding customers with emails seeking consent to use personal data as they rush to comply with the bloc’s General Data Protection Regulation, which takes effect Friday.
While much of the attention has focused on how technology giants like Facebook and Google will comply with the rules, consumers are learning firsthand that they apply to any firm, large or small, that stores personal data.
The new rules , called GDPR for short, are designed to make it easier for EU residents to give and withdraw permission for companies to use personal information, requiring consent forms that are written in simple language and no more than one-page long.
Companies that already hold such data have to reach out to customers and ask for permission to retain it.
Authorities can fine companies up to 4 percent of annual revenue or 20 million euros ($23.6 million), whichever is higher, for breaching the rules.
As a result, email boxes all over the continent are being swamped with messages from opticians, hotels, greeting card companies and even charities that fear stiff penalties for non-compliance.