GDPR and What It Means for Bloggers?
The GDPR deadline is looming. For some, that will send shivers down their spine. Others will wonder what on earth it stands for. GDPR, or the General Data Protection Regulation, is a piece of legislation that comes into force on the 25th of May. It will affect anyone who controls and processes data.
So what is GDPR and what does it mean for bloggers?
Whilst this blog post is by no means exhaustive and should not be used as professional guidance, it will hopefully give bloggers a basic understanding of what changes they need to make to comply from the 25th May.
The main thing that unites bloggers will be the capturing of email addresses for newsletters and comments on posts, so let's begin there.
It is imperative that everyone whose data you have access to has given you explicit permission to hold it. You may have seen your favourite companies send "opt in" emails over the past few weeks. This is to ensure they have this consent but also have a record of when it was given. If you store a large database of leads, it will be worthwhile arranging one of these. Mailchimp offer good guidelines on how users can update their profiles. Yes, this will decimate your database; however, you will be left with a group of people who really do want to hear from you, and work can now begin on regrowth.
Additionally, if you allow comments on your blog, you should make sure there is a checkbox present to ask users if they agree to the message they have posted being linked to their email address. As WordPress are fully engaged in being GDPR compliant, this should be covered if you use them for blogging.
It is imperative you only store data that you absolutely need and that it is cleansed regularly. If people do not opt in to your communications, then you should remove any personal data you hold about that person. Any Excel file housing data should be password protected or ideally stored in a GDPR compliant platform, i.e. Mailchimp.
The Right to Be Forgotten
Remember to make sure you check your plugins are all GDPR compliant. You will be surprised what apps collect what information and it is best to read up on them individually. Even the likes of Jetpack will be collecting data you might not be aware of.
What happens if my data is breached?
Should the unlikely happen and your website is compromised and data breached, you have 72 hours to notify your audience. Most of us do not need to worry about it, but it is a reminder that we should always keep our site and the data we hold secure.
What if you don't comply?
We should all try to follow legislation, not just because it is the right thing to do but because GDPR is designed to protect people. If you don't comply, larger companies can face huge fines and notification to relevant authorities. Luckily for most of us, we will be under the radar; however, it is best practice for any blogger to ensure we are fully compliant.
For further information, you can drop me a wee line. Have you got any GDPR advice you can help the community with?