GDPR: Privacy Center

General Data Protection Regulation

The EU General Data Protection Regulation (GDPR) is a comprehensive update to existing European Union laws that became effective on May 25, 2018. The GDPR was designed to harmonize data protection laws across Europe, to protect and empower all EU resident’s data privacy and to reshape the way organizations approach data protection.

eBay’s Commitment to GDPR

For 25 years, we have been committed to protecting the privacy and data of our hundreds of millions of global customers who use eBay’s trusted platforms. Millions of transactions happen everyday on our site, and we value the trust you place in eBay safeguarding your personal information. We embrace the GDPR as an opportunity to demonstrate and deepen our commitment to protecting your data.

What has eBay done to prepare for GDPR?

After the GDPR language was finalized in 2016, eBay took steps to prepare for compliance with the new standards ahead of the May 25, 2018 implementation date. eBay made enhancements to its processes, products, contracts, and documentation to help support the company’s, and our partner’s, compliance with the GDPR. While many of these changes were not directly visible to users, we provide greater clarity on the way eBay collects, uses, shares and manages personal data through our new and improved User Privacy Notice.

What is the GDPR and when did it come into effect?

The General Data Protection Regulation (GDPR) replaced the Data Protection Directive and harmonized the data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations approach data privacy. It became effective on May 25, 2018.

Who does the GDPR apply to?

The GDPR applies not only to organizations who process data in the EU, but also any organization that offers goods or services to, or monitors the behavior of people inside the EU. GDPR applies even if the processing takes place outside of the EU.

Which data elements fall under the GDPR?

The GDPR applies to information that directly or indirectly could identify an individual. This includes information, such as names, addresses, phone numbers, date of birth, as well as IP addresses, cookie identifiers, device information, advertising identifiers, financial information, geo-location information, social media information, consumer preferences, etc. To read more about the personal information that eBay captures, please visit our User Privacy Notice .

What are eBay sellers GDPR obligations and steps to comply?

If you’re a seller based in the EU or a seller based outside of the EU who sells to buyers in the EU, you need to understand the requirements of GDPR and take steps to ensure you comply. To learn more about your obligations and compliance, please visit our GDPR Help Page.