If your website is seen in the EU, or people from the EU are registered on it, GDPR applies to you and you need to make your site compliant. The EU regulation GDPR states that, regardless of the platform we use to develop our websites, we should manage our sites well enough that users can manage their own data.

The question that arises is "How do I do that?" If you develop and manage your website yourself, you will need to look for the tools to make your site comply or, and this is your best decision, get yourself a professional developer.
What is GDPR?
GDPR is an EU regulation. It was created and passed in a way that affects the whole Internet.

Why Does It Affect My Website?
Because websites are visible worldwide, and many of them collect and use users' data at some point. Some do it professionally, while others do not. The regulation was created to protect European citizens, but because it applies to all websites seen in the EU and/or used by EU citizens, it also protects millions of Internet users outside the EU.
What If I Choose Not to Comply?
The consequence is that if you are found to be holding European citizens' personal information while non-compliant, you may be fined up to 20 million Euros. This is scary!
Responsibilities
According to GDPR, if your website uses or collects any data owned by a European citizen, you have the following responsibilities:
- Tell the user: who you are, why you collect the data, for how long and who receives it.
- Get clear consent before collecting any data.
- Let users access their data and take it with them.
- Let users delete their data.
- Let users know if data breaches occur.
Solution
A few changes and updates to your website put you on the safe side of the Internet. WordPress users, you are in the lucky 30% of the Internet. A team of WP Core contributor developers is working on GDPR to make sure the core code is compliant. They have a website for developers and managers, WP GDPR Compliant, where you can keep up with updates. Here I share some simple steps to keep yourself, your data and your users' data safe. Make sure you have:
- A process to completely delete users' data from your records (the 'right to be forgotten' included in the law).
- A plan for how you will inform users of data breaches.
- For eCommerce, an explanation of how long you will retain their information under your country's regulations.
- Ask only for the data you really need.
- Use a GDPR opt-in. Make sure subscribers always give their consent before their information enters your database.
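As an added example (not code from this post or from the WP GDPR Compliant project), a minimal WordPress plugin that enforces the opt-in above on the server side, records when consent was given, and plugs that record into WordPress's own personal-data eraser so the 'right to be forgotten' step covers it. The checkbox name `gdpr_consent`, the meta key `gdpr_consent_at` and the text domain `gdpr-example` are assumptions; it requires WordPress 4.9.6 or later for the eraser hook.

```php
<?php
/*
Plugin Name: GDPR Consent Example (hypothetical)
Description: Require explicit registration consent; erase it on request.
*/

// Render an unchecked consent box on the default registration form.
// Pre-ticked boxes do not count as clear consent, so it starts unchecked.
add_action( 'register_form', function () {
    echo '<p><label><input type="checkbox" name="gdpr_consent" value="1" /> ';
    echo esc_html__( 'I agree to the processing of my data as described in the privacy policy.', 'gdpr-example' );
    echo '</label></p>';
} );

// Server-side check: never rely on the browser to enforce the checkbox.
add_filter( 'registration_errors', function ( WP_Error $errors ) {
    if ( empty( $_POST['gdpr_consent'] ) ) {
        $errors->add( 'gdpr_consent', __( 'You must give consent before registering.', 'gdpr-example' ) );
    }
    return $errors;
} );

// Record when consent was given (UTC) so you can show it to the user,
// export it, and erase it later. Only this one field is stored.
add_action( 'user_register', function ( $user_id ) {
    update_user_meta( $user_id, 'gdpr_consent_at', gmdate( 'c' ) );
} );

// Register an eraser with Tools > Erase Personal Data, so an erasure
// request also removes the consent record, not just core profile data.
add_filter( 'wp_privacy_personal_data_erasers', function ( $erasers ) {
    $erasers['gdpr-example-consent'] = array(
        'eraser_friendly_name' => __( 'Consent records', 'gdpr-example' ),
        'callback'             => 'gdpr_example_erase_consent',
    );
    return $erasers;
} );

// Eraser callback: WordPress calls it with the requester's email address.
function gdpr_example_erase_consent( $email_address, $page = 1 ) {
    $user    = get_user_by( 'email', $email_address );
    $removed = $user ? (bool) delete_user_meta( $user->ID, 'gdpr_consent_at' ) : false;
    return array(
        'items_removed'  => $removed,
        'items_retained' => false,
        'messages'       => array(),
        'done'           => true,
    );
}
```

The same pattern applies to comment and newsletter forms: validate the consent field on the server, store only the consent timestamp, and register an eraser for whatever table it lands in.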
The rules apply to any area of the website where users need to subscribe or log in, like newsletters, subscriptions, eCommerce forms, and even comments where users have to add their email.

One more suggestion: avoid taking contact information from social media such as LinkedIn to send unsolicited mailings, even if your emails have an unsubscribe option. If you don't have a "subscription consent," you may get yourself unnecessary problems and expensive fines. Basically, being GDPR compliant means you are transparent and respectful of your users.

If you have questions or need your website to be compliant, let me know. Contact us! Send us an email to customercare(at)marcomtec.com.

*Image from Shutterstock
CEO Magic Masterminds/Marcomtec