There’s a ton of talk around GDPR and actually some fear tactics to scare people into buying products and services they might not even need. I bet you are getting a ton of these updated policies in your inbox from different services you use. I sure have been getting a ton!
While I’m not a lawyer (I’m a business owner like you), I can give you some guidelines around how to handle this whole GDPR thing.
Let’s start with what the heck is GDPR?
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
Sounds like it doesn’t apply to you but it does. Your business is on the World Wide Web so you can collect data from an EU citizen and may not even know it.
Remember, this is all to help protect consumers’ personal information. The larger scope of everything, this is a good thing!!
#1 Thing You Can Do
Other Helpful Things:
What is a cookie? An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing.
How do you know if you are using cookies on your website?
There’s a good chance if you
- have Google Analytics installed to analyze website traffic
- use your Facebook pixel for Facebook ads
- have a SquareSpace site
- are you selling and collecting credit card info?
One easy solution is to use this free WordPress plugin to enable compliance with EU cookie law regulations: https://wordpress.org/plugins/cookie-notice/
3) Make sure your WordPress website is up to date!
Make sure your WordPress website is up to date, version 4.9.6. This update covers a few items such as
- Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.
- Site owners can export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.
- Site owners can erase a user’s personal data, including data collected by participating plugins.
4) Make sure your webforms and opt-ins are GDPR Compliant
For example, if you have a lead magnet or opt-in to get email sign-ups, be clear about the kinds of emails you’re going to send people once they sign up. Ideally you could say below the opt-in “Adding your email means you are signing up for my weekly newsletter list and promos”.
The main point is to be very transparent about what you are doing. Most of the main email newsletter subscribers should be helping you with these options.
Also, there’s GDPR Compliance for WordPress Forms. It’s a free and easy WordPress Plugin. It can add compliance language to the most common forms including comments, Gravity Forms, and Contact Form 7.
5) Decide if you need to re-confirm content with your email subscribers
I’m guessing you have been getting a ton of emails “Do you want to continue receiving emails from me?” this week.
If you are in a situation and can’t really prove that people gave consent to get marketing emails from you, then you might want to do this too. Go ahead and send them a similar email. That way you know you’ll get the real people who want to opt-in.
Also, to comply with the GDPR, you only need this consent from people in the European Union. If your email provider doesn’t have a way to segment people by country or region, send the email to everyone.
Make it easy for people to unsubscribe from your list. Have it in a obvious place at the bottom of your newsletter.