GDPR

GDPR – May the User data be safe

*This is not legal advice. The information was collected from websites.

This law has created much confusion, as few people are sure how a law implemented in the European Union affects websites created all over the world.

A lot of questions came to my mind when I first heard about GDPR:

  1. What is GDPR?
  2. How can it affect you if you are not in the EU?
  3. How does the law in the EU affect your website?
  4. How to change your site accordingly?

Let's go through each point in detail.

What is GDPR?

GDPR (General Data Protection Regulation) is a regulation in European Union law, implemented on 25th May 2018.

It guarantees the privacy and protection of data within the EU (European Union) and EEA (European Economic Area). Anyone processing the personal data of a user must comply with this law.

If your website is found not to be GDPR compliant, the fine is enormous: up to 4% of a company's annual global revenue or €20 million, whichever is higher. This extraordinary amount is the reason people are concerned about this law.

How can it affect you if you are not in the EU?

Being in the internet world, you can expect visitors from any corner of the earth. If your website has visitors from the EU and you are collecting and processing their data or monitoring their behaviour, then you have to be aware of this law and implement it on the website.

How does the law in the EU affect your website?

GDPR applies to the websites of individuals, developers, bloggers and agencies, located inside or outside the EU, who collect, use or process the personal data of any citizen in the EU.

The self-assessment tool by the ICO (Information Commissioner's Office) helps you check whether this law applies to you. It requires registration and a fee to do the assessment.

GDPR gives a user the following rights:

  • The user must be informed about how their data is used, and this must be published through the site's privacy policy.
  • A user has the right to access their data, and you should provide it in a commonly used format.
  • A user can request the correction or completion of incomplete data provided.
  • The user has the right to request the deletion or removal of data submitted by them.
  • A user can restrict the processing of their data, even though you may still store it.
  • Permit the user to access and reuse data for their personal needs.
  • The user has the right to object to the use of their data for marketing and research.
  • A user has the right to decide for themselves, which rules out consent given automatically through a pre-ticked checkbox.

According to the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”

(quoted via Wikipedia)

You can get a complete idea of the rights on this page.

To ensure GDPR compliance, you should

  • Create a privacy policy that clearly states how you collect, use and securely store the user data.
  • Get the user's consent to the use of cookies and to tracking their activity.
  • If you use forms on your website, limit the data collected to only the required fields.
  • If you are running a WordPress website, make sure the plugins you use are GDPR compliant.
  • Do not keep data collected for contests or research after the required time.
  • Clean up your existing mailing list by emailing your subscribers to ask for their consent.
  • Ensure your email newsletters have unsubscribe links at the bottom.
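A small Python sketch of the compliance items above (a data-minimising form allow-list, consent that must be actively given, access to the data in a common format, restriction of processing, erasure, and a retention purge). This is an added illustration, not code from the post or from WordPress; the field list and the 30-day retention period are assumed values.

```python
import json
from datetime import datetime, timedelta

# Constructed policy values for this example; a real site sets its own.
ALLOWED_FIELDS = {"name", "email", "message"}  # data-minimisation allow-list
REQUIRED_FIELDS = {"email", "message"}
RETENTION_DAYS = 30                            # assumed retention period


class ContactStore:
    def __init__(self):
        self._records = {}  # keyed by the submitter's email address

    def submit(self, form, consent, now):
        if not consent:  # consent must be an active choice, never assumed
            raise ValueError("no consent given; personal data not stored")
        extra = set(form) - ALLOWED_FIELDS
        if extra:  # refuse fields the form has no need for
            raise ValueError(f"unnecessary fields collected: {sorted(extra)}")
        missing = REQUIRED_FIELDS - set(form)
        if missing:
            raise ValueError(f"missing required fields: {sorted(missing)}")
        record = dict(form, consent_at=now.isoformat(), restricted=False)
        self._records[form["email"]] = record
        return record

    def export(self, email):
        """Right of access/portability: the record in a common format (JSON)."""
        record = self._records.get(email)
        return json.dumps(record, sort_keys=True) if record else None

    def restrict(self, email):
        """Right to restrict processing: kept in storage, excluded from use."""
        if email in self._records:
            self._records[email]["restricted"] = True

    def erase(self, email):
        """Right to erasure: remove the record entirely."""
        return self._records.pop(email, None) is not None

    def purge_expired(self, now):
        """Retention: drop records older than RETENTION_DAYS."""
        cutoff = now - timedelta(days=RETENTION_DAYS)
        stale = [e for e, r in self._records.items()
                 if datetime.fromisoformat(r["consent_at"]) < cutoff]
        for e in stale:
            del self._records[e]
        return len(stale)
```

Run `purge_expired` on a schedule so data collected for a contest or survey does not outlive its purpose.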

How to change your site accordingly?

As a blogger or a website owner, you collect a user's data through:

  • user comments
  • registration and contact forms
  • user analytics and logs
  • security tools
  • plugins

User comments:
The WordPress default comment form is GDPR compliant from version 4.9.6, which added an opt-in checkbox. All WordPress themes that use the default comment form come with this feature.

Forms:
Form plugins like WP Forms come with built-in support for GDPR compliance features.

User Analytics:
MonsterInsights is a third-party Google Analytics integration plugin for WordPress. They integrate the changes that Google Analytics has made to their product, so you can easily automate some of the GDPR compliance processes. More info here

Themes & Plugins :
Most of the newly created and updated themes and plugins include support for GDPR compliance.

Security:
Adding an SSL certificate not only protects the data in transit between your visitors and your site but also helps it rank better on Google.

Neither using a GDPR-compliant plugin or theme nor creating a new privacy policy solves the issue on its own; you also have to make sure you take enough action to keep the user data secure and safe.

Image credit: Freepik.com
