Make Your Website GDPR Compliant
I know, after so many blogs being published in the last 4-6 weeks about the introduction of a more stringent European data protection policy - the already so familiar GDPR - you will be probably sick to death to read yet again more about the issue.
The reason why I want to add to the collection of GDPR related blogs here on WA is because, truly, I want to make the whole process easy and less scary for everyone.
Easier Than You Think
As I still work part time for my local council, it is only but natural that we staff are all receiving extensive training regarding the subject, and that's why I am building up quite an insight knowledge.
To put it in layman's terms, the aim of GDPR is to seek that consent by the visitors to our websites, rather than the consent being assumed up to the point where the visitor or the subscriber denied it, as it has been up to now.
In the past, you would just ask your subscribers to leave their emails to receive news and updates from our websites.
Now we are obliged to tell potential subscribers, as well as visitors to our sites, what we are going to do with their private details and information.
Not only that, but potential subscribers have to physically give consent for the use of their emails and / or other personal information, such as name and surname. Tacit consent is going to become a thing of the past.
How To Change Your Websites
The two things to change on your website are these:
- privacy policy, and
- subscription forms.
If you have already installed an autoresponder to your website, or if you are planning to do so, the subscription form should look and read more or less like this:
I know, you might think it is bulky and unsightly. But, my friends, it is needed (!!!).
I have now switched autoresponder service to MailerLite, as they provide exactly the same format as what this picture shows. Do you see what I mean when I refer to getting your subscribers to give consent by ticking boxes?
There is also good advice provided by @Philmerson here on WA, regarding installing a Google plug-in to enable visitors to your website to advise whether they want to opt out of their information to be used by Google Anaylitcs. Read more here (internal WA link, not affiliate!!).
Regarding your privacy policy, yes, this has to be tweaked too, I am afraid. The changes are needed in so far that, when visitors leave comments on your website, you are now obliged to tell them how their email address and other personal details are used by you and by Google Analytics.
As well as @philmerson, @MarionBlack is helping with this task, by giving an example of how our new privacy policy should read. Find out more here.
Don't Dismiss It!
And that's really all there is to the new GDPR.
Don't get me wrong, do not try to dismiss the new changes. The requirements do represent as big change in culture of a dated data protection policy, which has been in use for over 20 years. You can see, therefore, how such changes were needed and overdue, especially if you think of how much the use of the internet has expanded with the advent of social media.
Nor must you disregard it, because you do not live in Europe. Remember, your websites are visible and accessible from every corner of the planet, including Europe.
So, what are you waiting for, start working on the changes now. You have a whole 4 days left before the big 'big ben' date of Friday 25th May. If you start making changes now, you will find it won't be such an honerous job after all.
Recent Comments
53
Hi Giulia,
I'm sick of it all but still read what I can. This has been so confusing for many.
This one is of interest for the Subscriber form part of it. I removed mine and will add another one soon and it's nice to see what it will look like now.
It won't be as bulky looking for me because I'm only going to have the basic Subscriber sign up form for my weekly published posts.
As for the privacy policy, I have most of mine updated but need to update now with the GDPR. I'm waiting for the updated one by Kyle and heard he will be posting soon.
You have covered a couple things here I haven't seen yet which is great, but there is much more.
There was an email sent by Google for Google Analytics where we have to go there and manually set the Data Retention, and Mary has the rest for it in her tutorial. We need to fill out 2 areas for Google Analytics that a plugin can't do for us.
The plugin in the link by @philmerson I took note of. I will check it out to see what it's for regarding Google Analytics it sounds interesting thanks!
As I am sure you are aware by now, Patsy, yes, Kyle did publish his blog yesterday, and covered absolutely all aspects, including the new privacy policy which we can all personalise and use, as well as covering the Google Analytics issue :)
Yes I am aware of his post, I waited for it to change my privacy policy.
Google sent out an email as I mentioned that is separate and still needs to be done. Just like the signup forms have to do their part etc..Kyle has to do his part and the others have to do theirs, they all have to be responsible to cover what is needed on their end.Kyle's post is for what he needs to cover for WA.
You are right Robin, mine wanted to be an overview. For the perfect advice, I suggest you refer to Kyle's blog on GDPR: GDPR Compliance. Our Official Take. Unfortunately Kyle published it only yesterday, but as ever, he is most helpful :)
I was given further training at work yesterday, Taniela, and believe me, it's probably not much different from what you are doing already, right? You just have to be careful being more transparent with your visitors and subscribers as to why you need their details, and likewise you are not to ask for details that you do not need.
Thanks for sharing Giulia, it's good to look at an example of what the newsletter sign up should look like.
Bookmarked.
I can see, Alejandra, that in the last couple of days more autoresponder services have proposed similar subscription forms, where the subscriber is physically invited to tick consent boxes rather than to give tacit consent.
How do we know what changes to make and what are Kyle and Carson going to come up with? I don't even know where to start as there are no guidelines to draw from.
It's easy for someone to say we need to make these "changes" but what are the changes that need to be made? Where do we find the info?
When you've your website updated to the latest version, you find a guide of wp on top of your privacy policy in edit mode, I wrote a blog about this
Thanks Loes for your help answering this. But also, Wayne, Kyle has just published a very helpful blog yesterday (https://my.wealthyaffiliate.com/kyle/blog/gdpr-compliance-our-official-take) which gives us exactly those very guidelines you are looking for.
Giulia
Thanks and I appreciate everyone's help. I have seen Kyle's recent blog on this subject and am taking the appropriate action.
things like this are quite confusing to me so again, many thanks for the help.
Wayne
Read the post this morning and all is fixed now. thanks for your help, Giulia. I appreciate it very much.
Thanks, Giulia you have simplified it somewhat for my simple mind. Going to get started tomorrow on mine. THX Wayne
I am glad I could be of help, Wayne. I suppose for newer members, this is possibly going to be easier, as they are going to implement the changes and embrace them as part of the steps to take when building a new website. It will take those of us who already have a few websites on the go, a little longer. But it's definitely doable :)
In addition to this, you must be prepared to explain how the data will be protected and also how you will permanently delete someone who "wishes to be forgotten." It's complicated, but you are right, it's not something which can be ignored. Here's our latest blog post on it (as an affiliate network our responsibilities are enormous!). I'll have a white paper on it next week. https://www.awin.com/us/news-and-events/gdpr/data-controllers-data-processors-and-data-processing-agreements
See more comments
This is excellent information, Giulia. Thank you for sharing it.
Wayne
You are most welcome Wayne :)