GDPR Policy: This Is What You Need to Know to Avoid GDPR Fines

By: | June 19, 2018 | Tags: , , , ,

 

How to still comply with the GDPR policy

Have you complied?

April 25: The day Google wrote to notify me of the GDPR policy.

What is the GDPR policy and why would Google need to write to notify us?

Guest author Denise Riches is here to tell you what you needed to do by May 25, almost one month ago.

If you did not take the required actions to be in compliance with the GDPR policy and avoid GDPR fines by that deadline, please stay until the end of the post.

My technical helper Phillip will explain what you can still do to avoid GDPR fines and be in compliance with this new law even though the deadline has passed.

GDPR Policy

by Denise Riches

Surely by now, you’ve come across the term, “GDPR”. It’s quite possible that you’ve gotten this close to the GDPR deadline without knowing what it is or how it affects you as a blogger.

What the GDPR Policy Means

GDPR stands for General Data Protection Regulations, and it is a standard regulation for the use and transfer of data, specifically online data and it comes with a compliance deadline of May 25th, 2018.

GDPR will be updating old data regulations, known as the 1998 Data Protection Act. The reason this needs to be updated is due to the advancement of technology in our very digital era.

The origin of this regulation is in the EU (European Union) but it also directly affects any customers or contacts that you may have in the EU.

In plain English:

GDPR Optin

Anyone who handles incoming digital data needs to be GDPR compliant, and this includes bloggers. If you have an opt-in for a newsletter, a web form or any intake of an email address anywhere on your blog or website, GDPR affects you.

Auto opt-ins will be a thing of the past, as you will need explicit consent from any person in order to put them on a mailing list. To be extra safe, changing it to a double opt-in will further protect you in the case you are questioned later.

This means that a pre-filled check box to receive future newsletters or emails is a big no-no. It goes against the GDPR policy.

Re-branding your site

While it’s not mandatory, it’s a good idea to let the contacts on your mailing list know in advance of any site rebranding you may be working on, they have the clear option to opt-out.

Mailing Lists

Let’s say you have a basic mailing list, but then add a new mailing list for something else, maybe something more specifically relating to your brand, business, or blog. The GDPR policy prohibits you from moving contacts from your basic mailing list to the new mailing list, without prior explicit consent.

If you’d like to let your basic mailing list know about the new list, you can let them know in an email or newsletter about the new list, and give them the opt-in link.

Gentle Reminders

Include a reminder of why your mailing list is receiving a newsletter or email (for example, “You are receiving this newsletter because you signed up to receive regular updates from xyzblog.com.”) If your email marketing doesn’t offer this, and most do, you can probably expect changes to be made by your email marketing provider in order to meet the GDPR policy rules.

Check and recheck your T&Cs

Don’t have any Terms and Conditions? You should! This link can explain what they are and how they are used.

https://termsfeed.com/blog/sample-terms-and-conditions-template/

If you are running a WordPress site or blog, there are T&Cs plugins you can install. What about a privacy policy? You can have both on your site (that little bit extra won’t hurt!) but ultimately, the decision is up to you. Be sure to thoroughly research this and find out what you need to include. This site can help, https://www.iubenda.com/.

It all boils down to letting your visitors and subscribers know what data of theirs you are using and for what purposes. Using Google Analytics? Yup, you’re collecting data and your visitors need to be made aware of that.

GDPR policy: How to protect yourself after the deadline

GDPR Compliance Checklist:

What’s the bottom line?

In essence:

  • Be clear about the information you’re gathering from visitors
  • Clearly offer opt-ins and opt-outs
  • Have a privacy policy and/or T&Cs on your site
  • Don’t move contacts from one mailing list to another.

GDPR is not completely understood yet, as many things are still being worked out. However it’s a wise idea to do your own research, or perhaps sign up for GDPR training. There are plenty of resources on the Internet, it just takes a simple Google search.

It’s more likely that big companies and corporations are going to be the most closely watched, rather than us little guys, but don’t leave it to chance.

I hope you’ve found this information helpful!

Author Bio:

Denise Riches is a virtual assistant who resides in Ontario, Canada with her husband and their two sons. She is also a blogger at Smores and Sundresses (www.smoresandsundresses.ca). Denise enjoys spending time in the great outdoors with family and friends, and blogs about her adventures. When she’s not camping, she’s cooking, baking, writing or quite possibly skimming through Pinterest (her guilty pleasure).

Upon learning about GDPR and how it affects her virtual assistant business, she wanted to ensure that fellow bloggers were aware of the change in data protection laws. While not an expert in the subject, Denise encourages readers to research the topic further to prevent any complications.

denise@smoresandsundresses.ca

https://www.instagram.com/ddr_74

https://www.pinterest.com/ddr74/

Host Blogger’s Comments:

What Can You Still Do to Avoid Paying GDPR Fines?

According to my technical assistant Phillip Dewes,

“As for the GDPR policy page: I have no idea as yet as I am not a legal person but don’t worry too much if it shows on your site that you take privacy very seriously. Lots of people have been panicking about this thinking they’re going to get a 20 million (euro) in GDPR fines, but it’s just scaremongering and nothing to worry about. As long as sites are showing they are taking privacy issues seriously, then there is nothing to worry about.

Phillip can still help you comply with this new regulation. Here is his contact information and his requested compensation:

phillip.dews@theweb.engineer

“The cost is £50 (about $67/$68).] There are no GDPR sanctions since there is no late fee as the law has been around for a while now. It just comes into force yesterday but there is not a police force targeting websites that are not compliant. More people wanting to work with website owners to make sites compliant, the GDPR fines are for people who in my humble opinion refuse to change their sites to be more compliant. Have a look at this website for more info on GDPR and what it all means…. https://ico.org.uk/.”

Readers, please share so other website creators learn about the GDPR policy, read Denise’s GDPR Compliance Checklist, and are assured by Phillip’s comforting words about avoiding GDPR sanctions.

Related

If you’d like to avoid paying GDPR fines, you might be interested in how to avoid paying fines for unintentional plagiarism.

  1. M. L. Kappa

    Dear Janice, thanks for another interesting post. Sorry to be so stupid, but there’s still one thing I’m not clear about: I have a simple WP blog, no adds, no newsletter, I don’t sell anything—does this apply for the people who’ve subscribed to get my posts by email?

    • Janice Wald

      Hi Marina,
      Not stupid at all! I wondered the same thing. If you accept emails, you need to be in compliance.
      The reason: This is a privacy regulation. Email addresses are personal information. Great to see you. Thanks for your question.
      Janice

  2. Vishwajeet Kumar

    Hello Janice and Denise,

    Wonderful post. GDPR is a quite trending topic over the internet. I have seen many users asking the similar question about it on different forums and community. If your website or blog has a single visitors from the UK and any other European countries then you are under GDPR. You have to show a cookie consent message to the visitors when they land your site first time. This will ensure that your users are accepting and abide with your privacy policy page. You also have to show the link or URL of your privacy policy page on the consent message. Thanks for sharing these helpful tips.

    Have a Great day 🙂
    Vishwajeet

    • Janice Wald

      Hi Vishwajeet,
      Thanks for writing and for your compliment on our article. Some people say this is just for Europeans while others say this is for everyone. I’m not taking any chances! You mentioned the cookie consent message. Phillip, my tech helper, who I quoted in the article, put that cookie consent message on my blog. His contact info. is in the article if people want to take similar measures who haven’t already.
      Janice

  3. Lisa Amaya

    Is this in Europe or the U.S.? Both? I remember getting this email from Google. I was like… what is this? So, just in case should I just add whatever it says for WordPress on my blog? I haven’t clicked on the link yet. Thanks for this post!

    • Janice Wald

      Hi Lisa,
      I have heard the law is in both Europe and all around the world– conflicting information. I collect emails and I have readers in Europe, so I wanted to make sure I was in compliance.
      I figured that many people had questions about what Google sent us. I’m glad my post could clarify information for people, especially now that the deadline has passed. Thanks for commenting. Good to see you.
      Janice

      • Denise

        I agree with Janice… there are many conflicting reports! However, to be on the safe side, it’s probably wise to make sure you’re compliant anyway. It’s not worth taking a risk. 🙂

  4. DGKaye

    Great post from Denise. Happy to report I did my homework a month ago and I’m fully compliant. 🙂 What a pain!

    • Janice Wald

      Hi Debby,
      Thanks for commenting. It sounds like I missed a bullet! I had Phillip, my tech helper, do everything. Sounds like it was money well spent from what you tell me.
      Janice

    • Denise

      Thank you, I’m glad you enjoyed it and are compliant. It definitely IS a pain to work through, especially when the powers that be haven’t got it all figured out yet. 🙂

    • Janice Wald

      Hi Ellen!
      I appreciate your comments. Thanks for coming by. I’m glad you felt our post was helpful.
      Janice

  5. Terri Webster Schrandt

    I am happy to say I complied with this even though I do reside in the EU…but many of my readers do. WordPress dot com has some automatic plugsins and other helpful GDPR compliant information we use. Myself and other bloggers have created pages on our blogsites to address the issues, as well as on my comments message https://secondwindleisure.com/privacy-statement-second-wind-leisure/ It was great to see my friend Denise posting this useful information today!

    • Janice Wald

      Hi Terri,
      Thanks for coming by. You and I are both in California. Many of my readers are in Europe like yours, so I certainly wanted to be in compliance. I had Phillip, my tech helper, handle complying for me. It sounds like you handled it great– and without having to outsource! Thanks for the link so people can see what you wrote.
      Janice

  6. Rajkumar

    I read so many articles on GDPR on the internet but the way you explain GDPR is quite interesting. I liked your writing style and this article will surely help all the bloggers who are still confused about the concept of GDPR. Thank you for this amazing post.

    • Janice Wald

      Thank YOU for these amazing comments! I’m glad you feel my post is helpful. Thank you for writing to tell me.
      Janice

Would you like to share your thoughts?

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

LinkedIn
Share
Instagram
%d bloggers like this: