GDPR, which stands for General Data Protection Regulation, is a law covering data protection and privacy for all individuals within the European Union (EU), the European Economic Area (EEA) and also the export of personal data outside the EU and EEA areas.
Although the GDPR regulation was implemented on May 25th, 2018, I’ve seen many blogs that are NOT GDPR compliant.
My guess is that bloggers outside the EU simply assume that they don’t need to be GDPR compliant.
Those bloggers would be wrong.
Here are just some of the ways in which you may be collecting user data that you might not have considered.
- Visitors are allowed to subscribe to your WordPress blog.
- Site visitors are allowed to post comments on your WordPress blog.
- You collect names and email addresses through Aweber or other autoresponder service.
- Your blog has a forum or bulletin board.
- Google Analytics has been installed to track traffic and audience behavior.
- Any type of social media embed, i.e. Facebook, LinkedIn, Twitter, etc.
At the very least, you should be building an email list and tracking visitors to your blog with Google Analytics!
What happens if your site in not GDPR compliant?
Violators of the GDPR may be fined up to €20 million or up to 4% of their annual revenue, whichever is greater.
OK, while it’s unlikely that you’ll be fined €20 million (about $22.66 million US) tomorrow, wouldn’t it put your mind at ease to simply comply and avoid risking a fine?
Moreover, if you comply with GDPR and that compliance to protect visitor data is obvious from the moment a visitor arrives on your website, you’ve established an element of trust right from the outset!
How to make your blog GDPR compliant
To be GDPR compliant, your blog must clearly disclose any data collection and the reasons for that data collection. It must also state how long the data will be retained and if it is shared with third parties outside the EEA.
That might sound difficult to figure out and do, but it’s actually very simple.
After doing that, all I did was check the site to make sure the plugin was working properly – which it was!
NOTE: Simply installing the plugin won't necessarily make your blog GDPR compliant but it's a good step in the right direction. For more information about GDPR compliance, check out the following resources:
Did you find this post informative and useful? If so, please share it with others! If you have a comment, question or suggestion, please leave a comment below!
Sam Dey says
Great post, I have not seen many articles on GDPR specifically for blogs so this was 100% useful. Thanks Rosalin!
Rosalind Gardner says
You are most welcome, Sam. I’m glad you found the article useful!