April 23, 2018

The Famous G*** Word

If you haven’t heard about the new GDPR rules that need to be implemented for online business owners across the world, let us break down quickly what you need to be aware of.

Please note that this is a legally binding regulation from the EU and that Ashley & Malone has nothing to do with how it should be implemented on your website. We’re here to assist you should you decide you want to make updates to your website, but we are by no means legally responsible or advised to give you legal advice on what to do or what to include. Got it, phew 😉


What it is:
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.


Why it matters:
Basically, if you collect data on your website, you need to protect yourself from potential fines that the EU will impose if you don’t comply with its data collection rules.


What it means to users: 
The EU is protecting its people by giving them power over their personal data, which means that you need to be transparent about a few details if you have users coming to your website from the EU.


If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll need to comply with the GDPR.


This applies to most websites: even if your main client base isn’t in the EU, users there can still access your site, and if you have even simple things like Google Analytics installed on your website, you are essentially collecting data from users.


What you need to do:
1. You now need to have a Privacy Policy on your website. This page can be linked in the footer of your website and will carry basic styling with your website’s header and footer, with the body content being a text-only privacy policy. You will have to seek legal advice on what your specific business needs to comply with and the terminology to use. There are also online legal templates available which you can Google.


Basically, you need to audit your site and decide either to remove any plugins or scripts that collect data or to be ultra transparent in the Privacy Policy about why you have them on your website. The breakdown should look something like this:


• What information is collected?
• Who collects this data?
• How is this data collected?
• Why is this data collected?
• How is the data used/processed?
• With which third party entities and for what purpose is the data shared?
• Is the data leaving the country?
• How can a user make contact to: 1. view data, 2. correct data, 3. delete data and 4. withdraw consent to the processing of this data?


This may seem a bit intimidating, but you just need to be as transparent as possible. Most of our clients just collect their users’ emails for contact reference or for subscriber email opt-ins. So you should just state why you do this and give users the option not to have this information collected.


2. If you have a contact form on your website, you’ll need to include a disclaimer that explains why and how you will be using the information/data that you’re collecting and that they fully consent to you using that information as you suggest.


3. If you have an opt-in for an email newsletter, you can follow this article from Mailchimp on what you need to do: https://kb.mailchimp.com/accounts/management/about-the-general-data-protection-regulation.


4. Enable IP Anonymization for Google Analytics.


5. Third-party plugins are a bit tricky, but if you use any, make sure they are GDPR compliant and state in the Privacy Policy that you use the plugins for the functionality of your website. Third-party plugins can be security plugins, WooCommerce, social media sharing and comments, for example. We can help you audit what’s on your site in this regard.


How we can help:
We are offering our clients a reduced rate of $25/hour to help you implement these changes to your website if you feel they apply to you. This rate strictly applies to GDPR changes and could include details like adding a privacy policy to your page, revising your Mailchimp opt-in fields, adding a cookie policy bar to your website, auditing the plugins that use and collect data, and changes to the consent on your contact form.


You need to act relatively fast: this comes into play on May 25th, 2018. We will schedule the requests on a first-come, first-served basis and will do our best to meet all the changes in an efficient manner. Because we’re coming up close to the date, we’ll likely be doing these changes for clients over the next few weeks. I’m hopeful (but can’t guarantee obviously) that there will be somewhat of a grace period, but businesses located in the EU should act fast and will be given priority. Simply email us at support@ashleyandmalone.com to get started!



