What to Do about GDPR in 4 Simple Steps
Mark May 25, 2018 on your calendar. I predict that one day, this date will go down in infamy and be remembered as the date that bloggers and websites across the world went crazy; we worried if we would be compliant with the newly imposed European Union requirement known as GDPR or General Data Privacy Requirement.
Would our blogs implode if we didn’t adhere to the required policy statements? Would our email subscribers suddenly disappear into never~never land if we didn’t give them a chance to resubmit their information? Or would we have to hock everything we owned and commit our children and grandchildren to the fifth generation to pay off the $20,000,000 we might be fined for not complying to the GDPR? There has definitely been “the sky is falling” notices and posts and warnings bombarding bloggers about what to do about GDPR.
At the beginning of the great GDPR panic, I decided to take a slower, let’s take this one step at a time approach, before deciding what to do about GDPR. The more I read, the more I came to believe that it was a big deal, but it wasn’t rocket science. So here is what I’ve done as a little blogger in Texas who wants to take all the right steps to make sure my blog and my readers and subscribers are protected. Basically, “the GDPR aims to protect a person’s fundamental right to protection of their personal data and hold companies accountable for infringing on this right.” Sounds simple, right?
Here is the latest info on GDPR for 2021 from WPDEV.
So what did I do to get ready for the GDPR? Here’s the 4 steps that I took. I’m not a lawyer, an expert in GDPR or WordPress. I’m a blogger like most of you. If you haven’t yet made your blog and email GDPR compliant, you might want to schedule some time this weekend (I know it’s a holiday, but this is really important.) to read what to do about GDPR and then just do it.
What to Do about GDPR in 4 Simple Steps
The new rules surrounding data protection are a lot to take in, but the GDPR is not optional. According to Parker Software, “Don’t fight the law, it’ll win. The current DPA regulation is enforced by the Information Commissioners Office (ICO).” And the monetary fines can be considerable.
Step 1 ~ Get Informed about GDPR
The first step about what to do about GDPR should be to read articles from trusted experts so that you understand what GDPR is and the guidelines. Google GDPR and 100’s of sites will pop up. I’ve probably red or at least skimmed over 20 ~ 25. Not the most entertaining reading, but it’s something that bloggers just have to do.
Here’s are a few articles you might want to read:
GDPR for Bloggers from Pipdig makes it clear how blogs get information on people and what we are protecting. I’m sure like most bloggers, we’re just happy for a reader to leave a comment and subscribe to our newsletters. But when people do that, we gather information that could be used negatively.
This article from Elizabeth Stapleton was very thorough and covers probably more than we need to know, but it’s clearly written by chapters and she has a video. In case you are wondering why you have to pay attention to GDPR when you don’t live in the EU, she explains that
“If you have a website that can be accessed by people located in the European Union, then yes GDPR applies to you. You see, it doesn’t matter if your target audience isn’t EU residents. It applies to any company that processes information from someone located in the EU. This means that pretty much every website needs to comply with the GDPR.”
This article from Jenna Kutcher was written by an attorney and is short and straightforward.
Step 2 ~ Check with Your Website Host
For me, that was Word Press, which is my website plataform, the one that most people use for blogs. Fortunately, WordPress updated their latest version for compliance. That certainly gave me some peace of mind. They added a comment consent checkbox which means that a visitor can leave a comment without checking this box. They have to manually enter their name, email, and website every time they leave a comment.
WP Beginner is a trusted site for all things WordPress. Their compliance team stated that
“GDPR applies to every business, large and small, around the world (not just in the European Union). If your website has visitors from European Union countries, then this law applies to you. But don’t panic, this isn’t the end of the world.”
So be sure to check that your web hosting provider has taken all the steps to update their own site as well as yours.
Step 3 ~ Check with Your Email Subscriber Service
NOTE: In May, 2020 I switched my email subscriber service to MailerLite.
MailChimp was the provider I used at the time of the GDPR announcement. I received very thorough information from them about informing my subscribers of the new requirements for GDPR. They also provided a readymade form that could be customized to send to our subscribers. It was easy to do and took me less than 5 minutes to set up. Since I had already received similar requests from other bloggers whose newsletters I subscribe to, I understood the process. All we are asking is for our subscribers to update/resubmit their information. For non~bloggers, an explanation of GDPR was included in the email.
Step 4 ~ Update My Privacy and Disclosure Policies
Every website/blog should have a Privacy and Disclosure Policy Statement ~ I learned that the first year that I attended Haven in 2015, even before my blog launched. I have a separate page in my menu bar so that the information is easy to find and access for any visitor to my site. A Privacy Policy tells anyone who visits your site what information you’re collecting from them, from cookies to names and emails. It explains where the information comes from.
- Blog post comments data (name, email, IP)
- Traffic stats plugins/tools such as Google Analytics
- 3rd party hosted services such as Jetpack, Bloglovin’ and Disqus
- Email signup forms such as MailChimp, ConvertKit, MailerLite, etc.
- Contact forms
- Issues relating to the location of your web host.
It also tells your visitors what you do with this information. You can view my new Privacy and Disclosure Policy.
You can hire a lawyer to write these policies ~ I’m sure Amazon, Google, Yahoo and other large companies did just that. You can pay for a pre~written policy. I took all the information that I read, what I saw other bloggers doing, and incorporated it into my current privacy and disclosure page. Nothing really changed, but more information is included. The point is to ensure your readers, visitors and subscribers that your site and their information is secure and won’t be shared.
Do you remember back in 1999 when we all thought that the world was going to come to an end when computers had to switch from 1999 to 2000? As it turned out, nothing bad did. Time, life and computers just kept on going. As many of the sources I read pointed out, until GDPR goes into effect today (that’s right, it’s today) and some company has not complied with the new regulations, we won’t know the full effect.
I feel that I’ve done everything that I can, based on the information that I’ve read, to make Bluesky at Home GDPR compliant. (I bet I’ve used the word complaint more times in this post than in my entire life.) I don’t claim that this a complete list or the perfect list, but I am confident it will be O.K. ~ for now. So if you haven’t done anything about GDPR, you’ve got a little tiny bit of time. But don’t delay. You’ve been warned and told what to do about GDPR. I hope that the information that I’ve provided and what I’ve done about GDPR will help you get the job done pronto.
Now you can enjoy Memorial Day Weekend. Relax. Have a glass of wine. Layout by the pool. That’s what I’ll be doing.
Very helpful, Carol… thanks! Visited today via Dream Create Inspire link party! Pinning to my Blogging board!
Julie, so glad you found the post and I hope that it is helpful. Thanks for Pinning!
This is a great post. That is what I’ve come to also. I took it a step and a time and checked off all the boxes I can think of. I think I need a disclaimer statement above my comment section just to get that last thing checked off of the list.
I’m not WordPress and sometimes Blogger is as clear as mud. I’m glad WordPress is being helpful.
Katie, thanks so much. I’m not sure if I covered everything, but as time goes on, I’m sure more information will come out. I was surprised how many people were offering to make GDPR changes for a price. It wasn’t that hard.
Thank you so much for such a great post about GDPR! This was very helpful. I will check out the links you included for more details. Now I just got to figure out how to add the additional information to my fixed email sign up forms!
Michele, I changed my email form through Mail Chimp. Unless there is something I’m missing, I think I’m done.
I should have asked, what is it you need to change?
I need to change my Mailchimp forms as well. I was reading about how to do that earlier today on their blog. I hope to do that this weekend! I also inserted the cookies banner at the top of my blog today. Luckily I have less than 100 subscribers to check with. I never thought I would think that having less than 100 was a good thing! Lol
Michele, thankfully Mail Chimp provided the forms and the instruction.