Should a startup block EU countries at first?

Question

I previously lived in the EU and was instrumental in bringing a 100ish employee B2B SaaS company into GDPR compliance. We weren&rsquo;t in the business of disrespecting personal information, but compliance nonetheless took and continues to take a lot of time and money.I am now outside the EU and looking to create a new B2B SaaS. It doesn&rsquo;t really seem viable for a single founder to create a GDPR compliant operation.Does it make sense to simply block all EU countries until a business has grown big enough that the benefit of access to the EU market outweighs the costs and risk?

neximo64 · Accepted Answer

Maybe focus on the customer & product market fit first, if you feel that means blocking EU countries because of the risk that could be a decision you make. You could also ignore the risk.

auganov · Answer

I'd avoid any explicit targeting of the EU and call it a day. You can always block the EU later if GDPR trolls become a problem. B2B should be low risk. It appears to me GDPR "compliance" is a guessing game and hardly guarantees immunity. Not sure investing too much in it is a good bet even in the EU unless you have reasons to believe you'll be targeted. In fact, being a big American corporation seems to be the biggest risk factor. It's always been designed as a ransom scheme against US tech, "domestic" enforcement seems to be more of a negative externality. Doubt a small player from Australia is even on the radar.Just look at how ridiculous the statistics are: https://www.enforcementtracker.com/?insights

mytailorisrich · Answer

If you're based in the US with no presence in the EU the pragmatic approach may be to be sensible from the start about personal data handling but to ignore the GDPR, and not to bother blocking anyone.

stop50 · Answer

If you found your company in the us, some legal people say that you can't be GDPR compliant, unless a lot of laws are changed.