How to Make Your Blog GDPR Compliant
General Data Protection Regulation (GDPR) is rolling out in a couple of days, so we're going to jump right into this business.
What is GDPR?
GDPR is short for General Data Protection Regulation. It is being enforced beginning May 25, 2018. If your site/business does not comply to this regulation, it could cost you.
This regulation is meant to protect the personal data and privacy of European Union (EU) citizens. Whether or not you physically live in the European Union does not matter.
You must comply with GDPR if any of the information regulated passes through your site/business.
What Information Does GDPR Protect and Regulate?
- Identifying information such as name, address, and identification numbers
- Health data
- Web data including IP addresses, cookie data and RFID tags
- Biometric and Racial Data
- Sexual Orientation
- Political Opinions
GDPR extends to third parties that you work with. If the third parties you work with are not in compliance, then you are not in compliance.
How to Make Your Blog GDPR Compliant?
Here are some things to check and update to make sure your blog is GDPR compliant:
- Consumer is informed of your policy in clear, plain language.
- Consumer can approve and withdraw consent at any time.
- Consumer can make/correct changes to data that is inaccurate or incorrect.
- Consumer can ask personal data to be deleted at any time.
- Consumer has a right to know information that has been collected.
- Consumer has a right to know how information is processed.
- Consumer can transfer personal data from one system to another.
Updating Your Mailing List
According to GDPR, you must have explicit consent to have people's data on your list. The easiest way to do this with your current subscribers is to send out a campaign with an announcement about GDPR and request that they reply to your emailed campaign with a Yes or a No (or simply unsubscribe).
Anyone that says no, you must unsubscribe them immediately, if they have not unsubscribed already.
I know that this might suck - we don't want anyone leaving our list, but in reality, those that want to stay on your list will stay. They are your true audience.
For any new subscribers, be sure to prepare a double opt-in along with the extra check box options that email marketing programs like Mailerlite and ConvertKit have been rolling out these last few weeks. Check with your provider about how they've made it easier for you to be GDPR compliant.
I hope you found this post helpful in guiding you towards becoming GDPR compliant the easy way. We enjoy simple things around here, of course.