In May of 2018 the EU instantiated a regulation on websites called the GDPR and was the greatest change in to European data security in the last two decades. These new regulations enforce stronger consumer consent and security practices, with a penalty of high fines.
Why does this effect my site? I only do business in the U.S…
EU-based companies and multinational corporations should already have taken the proper actions to comply with the GDPR. However, many U.S. based companies still have not heard of these regulations and therefore have not implemented the required compliancy changes. U.S. companies that have no direct business in the European Union still have a web presence in those nations. They may market their products over the web or run tracking analytics on their sites, both reaching and gathering data from European consumers. Therefore according to regulations set in GDPR Article 3: If you collect personal data or behavioral tracking information from someone in an EU country, your website is subject to GDPR compliancy and must adhere to its regulations. This essentially means any website with an online presence should adhere to this law as a precaution, especially those with analytics plugins and marketing campaigns.
The GDPR does not apply to Europeans that Google a U.S website that is specifically geared towards US businesses and consumers. However, websites that have region specific domain extensions, marketing campaigns, or site language changes will be upheld to GDPR standards.
Therefore U.S.-based hospitality, travel, software services and e-commerce companies will certainly have to take a closer look at their online marketing practices. 
Read about how you can make your website GDPR compliant in our latest blog post.