What is GDPR and How Does it Affect Bloggers?

You’ve probably been receiving a lot of emails lately with businesses updating their privacy policies. This is due to the implementation of a new regulation called the GDPR and yes, GDPR compliance is something you should be concerned about.

To keep things simple, this article is going to cover only what you need to know as a blogger to comply with the new set of rules outlined in the GDPR.

What is GDPR?

GDPR stands for General Data Protection Regulation and it’s being implemented on May 25th, 2018.

Since the old data protection laws were put in place in the 1990s, before technology took over, the GDPR is being enforced now to reflect today’s technology. These new rules will help protect EU citizens and help them keep their privacy by controlling how businesses store, use, and share their data.

If you’re living in a country outside of the EU, you might be wondering why you need to comply with GDPR rules in the first place. It’s because as a blogger, you’ll be reaching out to an audience around the globe, which will probably include people inside the EU.

Failure to comply with this new regulation can result in a fine of up to 20 million euros or 4% of your annual turnover, whichever is higher. You can tell the EU takes privacy very seriously.

How Does the GDPR Affect Bloggers?

1. You need to change the way you collect information

It’s not enough to just get your readers to fill out a form and click the subscribe button anymore to be a part of your email list. You need to get them to actively click a button that shows they understand what they are subscribing to and you also need to provide the subscriber with access to your privacy policy that states exactly what you do with the data you collect.

You can do this in two ways: a checkbox on the form itself, or a separate double opt-in email that allows a user to confirm their subscription to your email list.

It doesn’t just affect subscription boxes. There are other ways you might be collecting data:

  • user registrations
  • comment boxes
  • contact forms
  • Google Analytics or other analytics tools
  • cookies

If you’re using WordPress, you need to ensure that all plugins that collect data are GDPR compliant.

2. You need to reconfirm your current subscribers under certain conditions

Depending on how you collected your subscriber data in the first place, you might have to reconfirm your current subscribers by having them opt in again.

This is the case if you’ve collected emails without using double opt-in or without having your readers click a checkbox that shows they give consent for signing up to your email list.

It might sound frightening to potentially lose subscribers from doing this, but it’s also a great thing because all that you’ll be left with are subscribers who are really interested in your blog and are willing to put in the effort to resubscribe.

3. You need to add a privacy policy page on your blog

If you don’t have one already, you need to add a privacy policy page on your blog that outlines all the information you collect from the readers on your website, and how you use that information.

Some information you want to include in your privacy policy:

  • What personal information you collect
  • How you collect it
  • Why you collect it
  • How you use it
  • How long you will hold the data
  • How you keep the information secure
  • Who has access to it
  • If you use cookies or not

Your Privacy Policy page doesn’t have to be super complex as long as you get all your important things across. You can take a look at our Privacy Policy for reference if you’re not sure what to put on yours.

4. You need to keep the data in a safe place

After you collect data, you need to ensure that it’s kept in a safe place where only you can access it for the purposes outlined in your privacy policy.

You can choose where you store this data but just make sure it’s in a place of high security and has the appropriate hack-prevention systems in place. If this information gets leaked in any way, you will be held responsible.

5. You need to be prepared to provide or erase information at any given time

If a person in the EU requests that you send them all the information you have about them, you are obligated to do so. Upon request, you have one month to send them that information and you have to do it free of charge.

The same thing applies if an EU person asks that you completely erase all of their information as well.

It’s important that you keep your data in an easily accessible format so that you can do either of the above at any given time.

This pretty much covers everything you need to do as a blogger to ensure that you’re GDPR compliant. To learn even more about the new regulations, you can visit the GDPR website.

Hey, I'm Stephen! A digital marketing and blogging expert who loves helping others become the bloggers they aspire to be. Don't be afraid to reach out!
