132 - Tips for GDPR Compliance and Why Data Matters
If you haven't heard of GDPR, get ready. Like the term "data," you're going to be hearing this buzzword a LOT. I've got several posts on it already and will likely have more to say. In this post and podcast episode I'll share why all this data talk is significant, why we need to think about it to not be smarmy, and tips for GDRP compliance.
I'm also running a free workshop this week on Freebies + GDPR you won't want to miss. REGISTER NOW!
WHY DATA MATTERS
Did anyone else catch all those memes and silly videos about Congress questioning Zuckerberg? Many of us laughed at that, but here's the thing: were you surprised by anything he said?
Like maybe how Facebook might be tracking you on a website that's not Facebook even if you don't USE Facebook?
Here's reality: Data has long been overlooked and it's about to change.
People haven't realized how precious data is and the common user of the internet has very little idea what is being tracked and how. These data conversations are really GOOD because they are forcing transparency.
I think this is going to have massive ramifications and this whole data buzz word will be around for a while. It also may have long-reaching impact on your business, if you are doing things like running Facebook ads or having a website or email list. I think that there will be some pushback from the typical users who may not like that your blog is storing their info or sharing with third parties.
Oh- you didn't know your website was doing that? Let's look at what it IS doing.
WHAT DATA YOU MIGHT BE STORING
If you have Google Analytics on your site, the Facebook tracking pixel, or run advertisements with third parties, accept comments on your blog, or have comment forms, you are collecting data.
How much depends on what you're using. Even if you don't KNOW it, you are tracking data.
If you head into the back end of your blog, you'll find that commenters have email addresses stored on your site. That's data that you've collected and GDPR says you are responsible for it. WHAT. Same with contact and other forms on your site.
It goes deeper with Google Analytics, even though that typically is using ip addresses and has lots of anonymity (from my understanding). And if you have the Facebook pixel on your site or are using Google ads or other advertisers, you may be sharing your readers' data with third parties EVEN IF YOU DON'T KNOW IT.
So if this sounds creepy to you at all, you'll understand why I said that there is going to be long-term fallout and some people are really going to balk at this.
DATA, GDPR, AND BEING SMARMY
Y'all know I'm all for not being smarmy. So in one sense, I LOVE that this is being brought to light. As bloggers and people using the internet, we need to KNOW that we are storing data. We should know what is being tracked and we should be up front about that with our readers.
It's not smarmy if you don't know and don't tell your readers because you simply didn't know. However, as this data conversation continues, ignorance will not keep you from potential fines or from being responsible for the data you're (unknowingly) collecting.
I like that now we are creating some accountability.
I don't always like some of the specific ways this is playing out with GDPR, but I think that we are moving in a good direction by making all of this more transparent and honest. It's not going to be the wild west of data anymore.
Now you know and knowing is half the battle. The other half is doing something with that knowledge. So let's get into specific tips for GDPR compliance.
TIPS FOR GRPR COMPLIANCE
Here are a few very actionable and fairly simple items you can do:
Get the GDPR COMPLIANCE plugin. This will add a checkbox for consent on your comments and also any forms on your site.
Add a banner or overlay asking consent for cookies. I used a widget called EU Cookie Law Banner that I found in my Wordpress site under appearance/widgets. Likely you will see this banner floating along the bottom. I updated it with custom GDPR language. You can also check out the free option from Cookiebot...but I found it a little more robust than I think (hope) is needed.
Find out what your email service provider is doing. If you are not using a trustworthy email service provider, this is the time to switch. Under GDPR, you are the data controller, but a lot of the heavy lifting will fall to your data processor. You are responsible, but they do a lot of the tech stuff. Email them to ask. I know that Convertkit, Mailerlite, and Mailchimp have things in place and have already heard from a sad listener who is losing tons of subscribers because of her email service provider and GDRP.
Sign up for my free workshop on GDPR and freebies. I think this is going to be one of the biggest areas of impact, so I'm going to dive DEEP into what this looks like. If you are using freebies, lead magnets, or reader magnets to get people to sign up for your email list, you need to come. (If you don't know what those things are, read my post on freebies.)
Links mentioned in the episode:
- Data being more precious than oil
- GDPR FAQs
- Which Email Service Provider You Should Use
- Disclosure - You're Doing It Wrong
- Amazon Disclosure
- Affiliate Programs and Disclosure
- GDPR Compliance Plugin
- ConvertKit - get 30 days free! (this is my affiliate link- message me so I can give you my bonus freebies when you sign up)
I hope you found these tips for GDPR compliance helpful and that you are not too freaked out by the whole data situation and what you are collecting and what is being collected by other people when you go to mom blogs on the internet, for example. This is the world we live in!