What the flip is the GDPR? Plus 5 quick compliance tips
GDPR seems to be all we’re hearing about at the moment. But what does it all mean?
I’ve had a lot of clients come to me concerned about how it’s going to impact their websites and what they need to do to become GDPR compliant.
At this point you’re probably thinking ‘GDPR compliant? What??’ 😕 Sounds technical, boring and a bit scary, right? But fear not.
In this post you’ll learn what the GDPR is, how it impacts you and I’ll also give you 5 actionable steps you can take right now to help make your website compliant with these new regulations.
In the post I will cover:
- What GDPR is
- Which website owners need to comply with the GDPR
- Why it’s important your website is GDPR compliant
- 5 quick tips to make your website GDPR compliant ✅
- Where you can find help with and more information on the GDPR
A quick disclaimer: You can probably tell by my use of emojis that I am not a lawyer by any means. You should not take the information contained in this article as official legal advice. Please consult a specialist GDPR compliance lawyer before making any decisions about your website’s compliance with the GDPR.
What is GDPR?
GDPR stands for the General Data Protection Regulation. It’s a regulation created by the EU to protect personal data such as names, contact details and interests that individuals provide to third parties. The goal is to ensure website owners and organisations big and small take measures to keep the data provided to them secure and never use it for a purpose other than the one the individual consented to.
The focus is primarily on protecting the personal data of individuals based in the European Union; however, these regulations will no doubt have a positive impact on protecting the data of people worldwide.
Which website owners need to comply with the GDPR?
It’s a common misconception that only EU-based organisations or organisations who promote their products and services to EU customers need to be GDPR compliant. However, all website owners, not just businesses but even personal bloggers and non-profits, who allow their website to be viewed by EU residents are expected to comply with the GDPR.
So essentially, unless you have intentionally made your website inaccessible from countries within the European Union, you are expected to comply.
Many business owners I know outside the EU have been a little stroppy about these new regulations being imposed on businesses like ours literally on the other side of the world.
Yes, I’ll concede, initially I was kinda annoyed too.
However, after looking into the intent behind the GDPR I’m now wholeheartedly onboard. If the GDPR can help make the Internet a safer place, reduce spam, identity theft and unauthorised use of our personal data then I’m all for it.
Why it’s important your website is GDPR compliant
Well, first of all there are some hefty fines if you fail to comply. But on top of that I feel it’s important to be GDPR compliant so that we all take responsibility and participate in making the Internet a safer place.
So now you know what GDPR is and why it’s important to comply, but all you really want to know is…
How to make your website GDPR compliant?
Here are some quick tips to help bring your website up to GDPR speed…
1. Have a Privacy Policy
If you don’t already have a Privacy Policy on your website you should. I can highly recommend the guys at Legal123. They have a website package that includes a Privacy Policy, Disclaimer and Website Terms & Conditions all written by Australian lawyers.
Once you have your Privacy Policy, if you’re using WordPress, login to your WP Dashboard, ensure you’re using the latest WordPress version and then click on Settings > Privacy. From there you can create and set your Privacy Policy page.
2. Enable double opt-in for Email Marketing forms (such as MailChimp)
If you’re collecting your website visitors’ email addresses and storing them in a database you should have double opt-in enabled. This will ensure you have the consent of all your subscribers.
Double opt-in is when a subscriber is sent an email and asked to confirm their email address and subscription to your list, generally by clicking a button or link within that email. If this doesn’t happen already, you can enable double opt-in by logging into your email marketing account (e.g. MailChimp, MailerLite, etc.), finding the option and turning it on. Refer to your provider for specific instructions.
You may also need to ensure double opt-in is enabled in the form plugin you use to collect email addresses on your website, such as Bloom or Gravity Forms.
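To show what your email provider is actually doing behind that setting, here is a small added example (my own illustration, not code from MailChimp or any plugin) of a double opt-in flow: a sign-up only becomes a subscription once the visitor clicks a one-time, expiring link, and the time of consent is recorded. The confirmation URL and the 48-hour expiry are assumptions for the example.

```python
import secrets
import time

CONFIRM_TTL_SECONDS = 48 * 3600  # assumed policy: unconfirmed sign-ups expire after 48 hours


class SubscriptionList:
    """Minimal double opt-in list: an address counts as subscribed only after
    its owner clicks the confirmation link that was e-mailed to them."""

    def __init__(self, base_url="https://example.com/confirm"):  # hypothetical URL
        self.base_url = base_url
        self.pending = {}     # token -> (email, requested_at)
        self.subscribed = {}  # email -> consent record (when asked, when confirmed)

    def request_subscription(self, email, now=None):
        """Step 1: the form was submitted. Store the address as pending and
        return the confirmation link to put in the e-mail."""
        now = time.time() if now is None else now
        email = email.strip().lower()
        # Replace any earlier pending token for this address so only the newest link works.
        self.pending = {t: v for t, v in self.pending.items() if v[0] != email}
        token = secrets.token_urlsafe(32)  # unguessable, single-use
        self.pending[token] = (email, now)
        return f"{self.base_url}?token={token}"

    def confirm(self, token, now=None):
        """Step 2: the link was clicked. Returns True only for a known, fresh token;
        the token is consumed either way so a link cannot be replayed."""
        now = time.time() if now is None else now
        entry = self.pending.pop(token, None)
        if entry is None:
            return False  # unknown, already used, or replaced by a newer request
        email, requested_at = entry
        if now - requested_at > CONFIRM_TTL_SECONDS:
            return False  # stale link: the visitor has to sign up again
        self.subscribed[email] = {"requested_at": requested_at, "confirmed_at": now}
        return True

    def is_subscribed(self, email):
        return email.strip().lower() in self.subscribed
```

The consent record kept in `subscribed` is what lets you later show when and how a subscriber agreed, which is the point of the exercise.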
3. Be clear about how you intend to use the data provided to you
Some people, in my opinion, have gone a little overboard by adding checkboxes to their forms to gain official consent.
This is what I’m talking about… not the best for user experience, don’t you think?
When really, all you need to do is be clear about how you intend to use your website visitors’ data. For example if you had an opt-in form on your website you could just be clear in your wording saying something like this:
If you have a contact form, quote form, brief form or something similar on your website you can simply add a checkbox at the end saying something like: “You agree for us to use your supplied details to communicate with you and potentially offer our professional recommendations to enhance your business. We will never share or sell your details.”
4. Facebook Pixel
The Facebook Pixel records usage data of Facebook users and reports back to Facebook, helping to build the user’s behaviour profile. Although you don’t have direct access to this data, if you have the Facebook Pixel installed on your website it’s still advisable you provide users with the ability to opt out of tracking.
The good news is there’s a super simple solution called Facebook Pixel Opt Out plugin. Simply add this plugin to your website and configure the settings and you’re good to go.
5. Google Analytics
According to GDPR, an IP address is considered personal data. Therefore, anything that records an IP address needs to comply. A common thing on most websites that records IP addresses is Google Analytics.
But again I have an easy solution for you. If you use Google Analytics on your website there’s a free plugin that can anonymise IP addresses called Google Analytics Dashboard for WP. All you need to do is:
Install and configure Google Analytics Dashboard for WP plugin. Once installed, go to Google Analytics in the sidebar of your WP Dashboard, then click Tracking Code > Advanced Settings > and set “anonymize IPs while tracking” to on.
BONUS TIP: Add a Cookie Consent Bar
If your website doesn’t already comply with the EU’s Cookie Law then now is a good time to get on top of that as well.
Cookies are like little breadcrumbs left in the browser that help enhance a website’s user experience, track user behaviour, preferences, etc. If your website runs on WordPress or uses any form of tracking such as Google Analytics then your website uses cookies and it should comply.
The good news is it’s quite simple to comply with this law compared with the GDPR. There’s only one extra thing you need to do which is add a cookie consent bar to your website that links to your Cookie Policy (generally a section within your Privacy Policy).
Here are some examples:
Both of these examples were created using the Divi Bars plugin by Divi Life. The plugin comes with these templates already set up so it’s even simpler to get them appearing on your website in no time. Too easy!
Where to find help and more information about GDPR?
I really hope you’ve found this article helpful and have some clear steps you can take today to get your website up to speed.
If you’d like to learn more, when researching the GDPR and Cookie Law I found these articles really helpful:
- https://divilife.com/how-to-make-your-divi-website-gdpr-compliant-plus-4-myths-debunked/
- https://premium.wpmudev.org/blog/cookie-consent-notices/
Please note: I will only ever recommend a company’s product or service I have tried, tested and above all love. So needless to say I’m very picky about who I become an affiliate for. Some links on this website are ‘affiliate links’. This means if you click on some links and purchase something from that company, I may receive a small commission.
Keen to learn more about building websites with WordPress?
Grab your copy of my Dummies Dictionary of Web Dev Lingo. Start learning the lingo — like what the heck CSS, SSL and a sitemap are — and you’ll be speaking web geek like a native in no time!
Here’s to making the web a more beautiful place. Em x
About the author
Hi! I'm Emma. I’m a graphic designer turned web designer on a mission to teach others how to build beautiful & professional websites with WordPress. Through mentoring and my online courses I teach other graphic designers and entrepreneurs how to build their own websites using my 9-step process. In my spare time I love writing about my freelance life, creating pretty things and hanging out with my fiancé & fur-babies. Find me on Insta & in my Facebook Group