Geek Speak: GDPR

GDPR Compliance

The 2018 GDPR compliance D-Day is almost upon us: May 25.  Duh-duh-duh!  So why does it matter?

Well, it matters if:

  1. You currently do business with clients in the European Union or might want to in the future.
  2. Your website might get traffic from the EU.
  3. You might get subscribers to your newsletter or other marketing emails from the EU.

For more information than you would ever want to know about data protections and legalese, just Google "GDPR Compliance."  But here's the NUTSHELL version for small businesses.  Back in 2016, a new set of data protections and regulations was adopted in the EU.  They are aimed at ensuring greater safety for personal data on the internet and lessening the amount of spam EU citizens receive.  And in a week, those laws will be enforceable for businesses both large and small. (Let the great Wiki tell you more about GDPR here.)

Just like other small business owners out there, I've been trying to understand what this means since I am SOOOO not a GDPR expert.  Below are 2 articles that I found very helpful:

  1. From Kerstin Martin:
  2. From Togs in Business: (This article is aimed specifically at photographers but has excellent general small business info and resources.)

And here are the steps I've taken for GDPR compliance:

  1. Updating email marketing: I ensured that the double opt-in and GDPR fields are enabled for my MailChimp newsletters (Lists > Settings (for the desired list) > List name and campaign defaults).  I also customized the MailChimp GDPR fields on my signup form at Lists > Signup Forms (for the desired list) > Form Builder. Check with whatever email marketing system you use for GDPR specifics. And for an excellent GDPR MailChimp tutorial, watch this:
  2. Getting a privacy policy together: I used this lovely free template that the Togs in Business site recommended and added bits from other open source GDPR documentation.  I've been receiving all sorts of free templated material from WordPress, theme and plugin developers, etc.  Otherwise, I would have had NO IDEA what to say.  Privacy policies are most surely NOT what I like to write about on a normal day.
  3. Putting the privacy policy on the website: You'll now find a link to the privacy policy in the footer of my website.
  4. Putting a notice about cookie use on the website: If you're not totally sure what cookies are on the Internet (I'm sure we're all experts with the real-life kind, no?!), go here.  While I haven't put cookies of my own on, I DO use Google Analytics to track info about the website, and Google Analytics uses cookies.  So even if you haven't put cookies directly on your website but are using some kind of analytics service, you're still using cookies and need to disclose that.

So...I definitely don't understand all of the ins and outs of GDPR rules and regulations.  But I have taken the major steps to let EU citizens know how I process their information if they visit my website, contact me through my website, sign up for my email newsletter, or choose to do a project with me.  And while it definitely has not been what I would call enjoyable, I have had the voice of the computer from "Flight of the Navigator" saying "Compliance!" over and over again in my head throughout the process. And, ya know, I hadn't thought about that movie in far too long, so that made me happy as I waded through the requisite legalese.  If you need the robot to encourage you, too, take a listen here.

May the GDPR be with you!