April 23, 2018
The Famous G*** Word
If you haven’t heard about the new GDPR rules that need to be implemented for online business owners across the world, let us break down quickly what you need to be aware of.
Please note that this is a legally binding implementation from the EU and that Ashley & Malone has nothing to do with how this should be implemented on your website. We’re here to assist you should you decide you want to make updates to your website but we are by no means legally responsible or advised to give you legal advice on what to do or what to include. Got it, phew 😉
What it is:
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
Why it matters:
Basically if you collect data on your website you need to protect yourself from potential fines that will be implemented from the EU if you don’t comply to their data collection rules.
What it means to users:
The EU is protecting its people by giving them power over their personal data. Which means that you need to be transparent on a few details if you have users coming to your website from the EU.
If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll need to comply with the GDPR.
Most websites, even if your main client base isn’t in the EU can access your site and if you have even simple things like Google Analytics installed on your website, you are essentially collecting data from users.
What you need to do:
• What information is collected?
• Who collects this data?
• How is this data collected?
• Why is this data collected?
• How is the data used/processed?
• With which third party entities and for what purpose is the data shared?
• Is the data leaving the country?
• How can a user make contact to: 1. view data, 2. correct data, 3. delete data and 4. withdraw consent to the processing of this data?
This may seem a bit intimidating but you just need to be as transparent as possible. Most of our clients just collect their user emails for contact reference or for subscriber email opt-ins. So you should just state why you do this and give them an option for you not to collect this information.
2. If you have a contact form on your website, you’ll need to include a disclaimer that explains why and how you will be using the information/data that you’re collecting and that they fully consent to you using that information as you suggest.
3. If you have a opt-in for an email newsletter, you can follow this article from Mail Chimp on what you need to do: https://kb.mailchimp.com/
accounts/management/about-the- general-data-protection- regulation.
4. Enable IP Anonymization for Google Analytics.
How we can help:
You need to act relatively fast, this comes into play on May 25th, 2018. We will schedule the requests on a first come, first serve basis and will do our best to meet all the changes in an efficient manner. Because we’re coming up close to the date, we’ll likely be doing these changes for clients over the next few weeks. I’m hopeful (but can’t guarantee obviously) that there will be somewhat of a grace period but business located in the EU should act fast and will be given priority. Simply email us at firstname.lastname@example.org to get started!
Join Our List!