Thought I’d do something a bit different this week, with all the hullabaloo surrounding the new General Data Protection Regulation (GDPR) privacy standards taking effect on May 25th—and prompting a lot of questions. Like you, I’ve been on the lookout for good information about how the GDPR’s sweeping overhaul of data handling standards can impact businesses here in the USA.
As you might expect, companies most directly affected by the new GDPR standards (email marketing and ecommerce companies in particular) are leading the way in providing helpful information for the rest of us. So, here’s a list of some great articles and resources about the new data privacy rules and how they impact online marketers and consumers. Hope you find these links as helpful as I did!
WordPress 4.9.6 Privacy and Maintenance Release: WordPress issued a security and privacy release that helps site owners with GDPR compliance. Included are two tools: a built-in Privacy Page starter, a data export and erasure tool and a comment form update. Help Desk Clients: your site is already updated to WordPress 4.9.6. ????
A practical guide to the European Union’s GDPR for American businesses (Recode): One of the best bottom-line explainers about GDPR I’ve seen, as it’s focused on USA-based business. In case you’re skeptical of whether you need to do a data handling checkup, here’s a quote: “the GDPR applies to an American company whose website is made available to people in the EU” – so that’s well – everyone.
Collect Consent with GDPR Forms (MailChimp): MailChimp has a huge amount of resources and tools, including a ready-made GDPR-compliant signup form. The downside is that the form is not compatible with embedded forms linked by API – just the Mailchimp-hosted ones. If you have a lot of EU-based contacts, it may be worth just using MailChimp’s hosted forms to assist with compliance. A possible shortcut for USA businesses is to update your website’s posted Privacy Policy, and include that link on your opt-in form. That’s not enough for full compliance, but it’s better than nothing and signals to your visitors that you care about data privacy.
How GDPR Impacts Marketers: What You Need to Know (Social Media Examiner): This comprehensive article covers issues surrounding social media marketing, affiliate marketing, email opt-ins and even Google Analytics (that’s impacted too!). This provides a handy checklist of what areas should be covered by your website’s Privacy Policy.
Privacy Policies vs. Terms & Conditions (TermsFeed): A concise explanation of the difference between a Privacy Policy and a Terms and Conditions page. TermsFeed is a handy policy generator that asks you about your business step-by-step and compiles a suitable document for use on your website. They even have a free GDPR policy to get you started. I used this to generate my own Privacy Policy and Terms and Conditions pages. I recommend paying for one that is custom to your business needs, especially if you sell products or services online. Costs vary, but are typically between $30-$60 for a standard document.