Make Your Website GDPR Compliant

Last Update: May 20, 2018

I know, after so many blogs being published in the last 4-6 weeks about the introduction of a more stringent European data protection policy - the already so familiar GDPR - you will be probably sick to death to read yet again more about the issue.

The reason why I want to add to the collection of GDPR related blogs here on WA is because, truly, I want to make the whole process easy and less scary for everyone.

Easier Than You Think


As I still work part time for my local council, it is only but natural that we staff are all receiving extensive training regarding the subject, and that's why I am building up quite an insight knowledge.

To put it in layman's terms, the aim of GDPR is to seek that consent by the visitors to our websites, rather than the consent being assumed up to the point where the visitor or the subscriber denied it, as it has been up to now.

In the past, you would just ask your subscribers to leave their emails to receive news and updates from our websites.

Now we are obliged to tell potential subscribers, as well as visitors to our sites, what we are going to do with their private details and information.

Not only that, but potential subscribers have to physically give consent for the use of their emails and / or other personal information, such as name and surname. Tacit consent is going to become a thing of the past.

How To Change Your Websites


The two things to change on your website are these:

  • privacy policy, and
  • subscription forms.

If you have already installed an autoresponder to your website, or if you are planning to do so, the subscription form should look and read more or less like this:

I know, you might think it is bulky and unsightly. But, my friends, it is needed (!!!).

I have now switched autoresponder service to MailerLite, as they provide exactly the same format as what this picture shows. Do you see what I mean when I refer to getting your subscribers to give consent by ticking boxes?

There is also good advice provided by @Philmerson here on WA, regarding installing a Google plug-in to enable visitors to your website to advise whether they want to opt out of their information to be used by Google Anaylitcs. Read more here (internal WA link, not affiliate!!).

Regarding your privacy policy, yes, this has to be tweaked too, I am afraid. The changes are needed in so far that, when visitors leave comments on your website, you are now obliged to tell them how their email address and other personal details are used by you and by Google Analytics.

As well as @philmerson, @MarionBlack is helping with this task, by giving an example of how our new privacy policy should read. Find out more here.

Don't Dismiss It!


And that's really all there is to the new GDPR.

Don't get me wrong, do not try to dismiss the new changes. The requirements do represent as big change in culture of a dated data protection policy, which has been in use for over 20 years. You can see, therefore, how such changes were needed and overdue, especially if you think of how much the use of the internet has expanded with the advent of social media.

Nor must you disregard it, because you do not live in Europe. Remember, your websites are visible and accessible from every corner of the planet, including Europe.

So, what are you waiting for, start working on the changes now. You have a whole 4 days left before the big 'big ben' date of Friday 25th May. If you start making changes now, you will find it won't be such an honerous job after all.



Join the Discussion
Write something…
Recent messages
QAVAVO Premium
GDPR strangely is an alien invader from outer space
Reply
GiuliaB Premium
I was given further training at work yesterday, Taniela, and believe me, it's probably not much different from what you are doing already, right? You just have to be careful being more transparent with your visitors and subscribers as to why you need their details, and likewise you are not to ask for details that you do not need.
Reply
AlejandraB Premium
Thanks for sharing Giulia, it's good to look at an example of what the newsletter sign up should look like.
Bookmarked.
Reply
GiuliaB Premium
I can see, Alejandra, that in the last couple of days more autoresponder services have proposed similar subscription forms, where the subscriber is physically invited to tick consent boxes rather than to give tacit consent.
Reply
Wayne66 Premium
How do we know what changes to make and what are Kyle and Carson going to come up with? I don't even know where to start as there are no guidelines to draw from.

It's easy for someone to say we need to make these "changes" but what are the changes that need to be made? Where do we find the info?
Reply
Loes Premium
When you've your website updated to the latest version, you find a guide of wp on top of your privacy policy in edit mode, I wrote a blog about this
Reply
GiuliaB Premium
Thanks Loes for your help answering this. But also, Wayne, Kyle has just published a very helpful blog yesterday (https://my.wealthyaffiliate.com/kyle/blog/gdpr-compliance-our-official-take) which gives us exactly those very guidelines you are looking for.

Giulia
Reply
Loes Premium
Go to WP dashboard>settings>privacy> there is your guide
Reply
Wayne66 Premium
Thanks and I appreciate everyone's help. I have seen Kyle's recent blog on this subject and am taking the appropriate action.

things like this are quite confusing to me so again, many thanks for the help.

Wayne
Reply
Wayne66 Premium
Read the post this morning and all is fixed now. thanks for your help, Giulia. I appreciate it very much.
Reply
WayneTowns Premium
Thanks, Giulia you have simplified it somewhat for my simple mind. Going to get started tomorrow on mine. THX Wayne
Reply
GiuliaB Premium
I am glad I could be of help, Wayne. I suppose for newer members, this is possibly going to be easier, as they are going to implement the changes and embrace them as part of the steps to take when building a new website. It will take those of us who already have a few websites on the go, a little longer. But it's definitely doable :)
Reply
JeannineC Premium
In addition to this, you must be prepared to explain how the data will be protected and also how you will permanently delete someone who "wishes to be forgotten." It's complicated, but you are right, it's not something which can be ignored. Here's our latest blog post on it (as an affiliate network our responsibilities are enormous!). I'll have a white paper on it next week. https://www.awin.com/us/news-and-events/gdpr/data-controllers-data-processors-and-data-processing-agreements
Reply
GiuliaB Premium
Excellent suggestion, thanks Jeannine :)
Reply
Top