The new regulation has resulted in significant modifications to how businesses in the EU gather and use consumer data. The following information is essential for businesses and app developers to be aware of as the new GDPR is put into effect.
When GDPR takes effect on May 25, 2018, anyone who collect, store, and process data about EU citizens will come under scrutiny. They must all abide by the rules or risk consequences.
In other words, a good excuse to keep using the data of EU residents in whatever way you (and your "processors") currently do. Explicit consent, a legitimate interest, a contractual foundation, a legal obligation, etc. are examples of legal bases.
What you will need:
To continue using your users' data, each 'data processor' (ad tech vendors) on your site will require their explicit consent. This consent must be obtained by the 'data controller' (publisher). Use a tool like Evidon Trackermap if you don't know who is collecting data through your pages.
Privacy Notice shows your lawful practise. This is where you commit to GDPR's transparency principle by clearly telling visitors what they're giving up (data), why (your legal basis), to whom (all the processors with whom you'll be sharing this data), how long this data will be kept, and so on.
A large part of GDPR compliance is keeping records of what you do with the data you have in order to demonstrate accountability.