Smithsology

Blogger’s Edition: 10 Things You Need To Know About GDPR For Bloggers… Simplified

If you’ve been in the blogosphere long enough, you will have found ‘GDPR’ to be one of the important buzzwords of the past 6 months. While it is important, it has remained one of the least popular topics of discussion, as opposed to … well, starting a blog or making money! This does not surprise me, however, as I myself sort of tried to ignore it and pretend it didn’t exist until my super awesome tech guy poked, nudged and nicely reminded me for weeks to look into it. At that point I had no choice but to sit down and pay attention. I am sure there are many of you out there in the same boat as me, but let me stop you there. This is something I wish I had done sooner, as it is not as difficult as I thought it was. Yes, it involves regulation, and there are laws, jargon and a few things you need to do. It’s soooo easy to put it in the too-hard basket. Which is why I am doing this for you: 10 easy-to-follow points on GDPR for bloggers.

This article will cover the definition of GDPR, a quick spiel on why you need to implement it on your website and, most importantly, how to implement it on your website quickly and easily. Well, it took me a total of 30 minutes from start to implementation. If you are a newbie blogger, or cannot be arsed to learn about GDPR, then this article is written especially with you in mind.

 

 

What is the GDPR Law?

#1. The General Data Protection Regulation (GDPR) is simply an updated European Union (EU) regulation. It concerns data protection and privacy for technology users who are within the EU and the European Economic Area (EEA). This new law has been in effect since May 2018 and replaces the older and outdated Data Protection Directive Law that came into force in 1995.

#2. It is basically an online extension of the privacy and human rights of individuals who live in the EU. This regulation was put in place to ensure that the personal information EU users give out is treated with respect, and is processed and utilised within the extent of the law.

#3. The aim of GDPR is to ensure that shared information is protected and that no information is made public to others without consent. Data collectors (businesses/organisations) must also be transparent in handling data. They must also put in place an adequate data rights management system to retain the valuable data. GDPR is beneficial as it enhances cybersecurity, boosts users' loyalty and trust, and improves the way companies approach data management.

 

 

 

Bla, Bla, Bla, So How Does This Affect Me? A Blogger!

#4. Okay, let’s face it: unless you are moonlighting in technology espionage, we bloggers are not really data-collecting giants like Facebook or Google. But as a blogger, you do to a certain extent collect and hold some personal data. For instance: email subscriptions, the information you obtain from holding a giveaway or contest, payment details and addresses. All of this comes from an individual, a living individual, and so it is classified as personal data. Wait, what? But I hardly get any visitors from there! Well, all you ever need is ONE person stumbling upon your blog before this applies to you. Better safe than sorry, aye?

#5. So, since you have decided that the GDPR applies to you, you need to treat the private information you get from your readers with respect and in compliance with GDPR requirements. But don’t panic yet, GDPR compliance is not as hard as you think. One thing you shouldn’t do, though, is ignore it, because the GDPR is here to stay! As a blogger, it is your duty of care to demonstrate to your readers that you have everything necessary in place to ensure that your blog is a safe place for them to visit, get information from and provide information to.

 

 

So, What Do I Need to Do to Comply?

#6. Okay, since this article is about the GDPR simplified, I will only touch on the minimum requirements you should have as a blogger. If you feel like your blog requires something more comprehensive, the beautiful ladies from Tiny Love Bug have a course that will help you navigate GDPR easily. However, if you are a simple blogger like me, just make sure your blog is covered for the following:

a) Advise your EU/EEA readers who you are

b) You must get clear consent before collecting any personal data

c) You must notify your readers why you are collecting these data

d) Allow your readers the opportunity to access or delete their data

e) You will notify them should there be any data breach.

#7. Sounds like a lot to do! Nope, don’t panic yet, it is not as complicated as it seems. Here are the things you need to do to comply:

 

[Image: The start of our privacy policy]

 

a) Create a Privacy Policy on your Blog

b) If you have not done so already, make sure your site is https rather than http. An SSL (TLS) certificate lets your site set up encrypted sessions with browsers, which shows your visitors that the connection to your site is secure. You can normally get SSL from your hosting provider.

c) Make sure WordPress and the plugins you use are updated to the latest version. If a plugin has not been updated for a while, it is time to get a new plugin.

d) Check the 3rd party services you use on your blog (e.g. Google Analytics, Facebook Pixels, Jetpack) and list them so you can include them in your privacy policy (point 7 (a)).

e) Make sure your readers have the option to unsubscribe from your subscription list or opt out of subscribing. If you are using good subscription-based plugins such as Mail Chimp, these features are included.

#8. Still, that seems a lot, right? I mean, how would one know how to write a proper privacy policy, using the right terminology and jargon? Well, this is what I used to make my GDPR problem go away: I used a Privacy Policy Generator. The two I would recommend are Free Privacy Policy and Iubenda. Both are FREE privacy policy generators. All you need to do is fill in the areas you are asked to, to make the privacy policy site-specific. Part of the information that will require your input is the 3rd party services mentioned in point 7(d).

#9. On top of the privacy policy, there is also the Cookie Policy. The Cookie Policy is included in the Privacy Policy, but you will find that most websites also have a pop-up Cookie Policy Notification. You can have this on your website too. On top of generating a free privacy policy for you, the websites recommended in point 8 also offer free GDPR & EU Cookies Consent.

 

[Image: Cookie Policy Notification]

#10. Okay, once you have generated these two policies, make sure you display them somewhere easily seen and accessed by your readers. This is, of course, on top of the requirements stated in point 7 (a) – (d). Voila, that’s it! You now comply with the minimum GDPR requirements as a blogger, for your blog.

It wasn’t that hard, was it?

 

 

Bits and Pieces About GDPR

  • This law applies to the UK despite Brexit
  • Even if your blog has never had any visitors from the EU/EEA, it is still worthwhile getting this in place for any future traffic from the area. Even if you live away from the EU/EEA, if you receive readers from the EU/EEA area, this applies to you
  • There are fines for non-compliance: a maximum of €20 million or 4% of annual turnover (whichever is higher)
  • This rule applies even when you are not making money. If you are collecting personal information of users, this applies to you
