• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer
BlogAid Logo

BlogAid

Help for DIY Site Owners and Webmasters - WordPress, SEO, HTTPS, Security, and Performance

  • Home
  • Blog
    • Current Posts
    • Helpful Posts
  • Tips Tuesday
  • Site Services
    • Happy Clients
    • Setup, Backups, Fixes
    • Site Service Requests
    • Site Audits
      • What’s In the Audit
      • Audit Request Form
    • HTTPS Conversion
      • About the Service
      • HTTPS Request Form
  • Resources
    • Plugins
    • Helpful Posts
    • Site Resources
    • Start Here with BlogAid
  • Classes
    • Happy Clients
    • All Classes
    • DIY SEO Course
    • Webmaster Training
  • Videos
  • About
    • About MaAnna
    • Happy Clients
    • Privacy Policy and Terms of Use
  • Contact
    • General Contact
    • Site Service Requests

GDPR Compliance: How to Get Through it Without Overwhelm

May 9, 2018 by MaAnna Stephenson

TwitterFacebookPinterestLinkedinRedditWhatsApp

GDPR Compliance: How to Get Through it Without Overwhelm

Is all of this GDPR compliant stuff making you crazy and stressed?

Discover how to get through it and keep your sanity intact and your overwhelm low.

Get the GDPR Guide

You’ll want to reference my GDPR Guide as you follow the steps below.

So, keep that link handy.

How to stop the overwhelm feeling

Forget about the May 25, 2018 deadline for compliance.

Only a sliver of folks globally will be compliant by then, including companies in the EU.

“It’s clear that the majority of organizations are not currently prepared to meet GDPR requirements,” said John Ottman, Executive Chairman of Solix Technologies

~ quote from ZDNet article on GDPR compliance as of Feb 2018

GDPR is a work in progress

And will be for the rest of 2018.

You have no shot at becoming fully compliant by the deadline.

  • Most of the 3rd party entities you need to rely on for becoming fully compliant, by linking to their policies in your own policy, are scrambling to become fully compliant themselves.
  • Devs involved with creating ways to notify your site visitors and obtain consent for tracking are all scrambling to build those automated systems right now too.

It seems like EVERYBODY involved with GDPR waited to the last minute to get their act together.

So, we, as site owners, have to take a chill pill and let some of the path be created so we can walk it.

What you should focus on first

That’s simple – create your Privacy Policy.

Yes, there’s a lot to it.

And you’re not going to get everything you need into it on your first draft.

So, let yourself off the hook with trying to make your Privacy Policy perfect, or even complete, on the first go.

This will we a working document that you update as we all go through this together.

Where to start

That’s simple too – list all of the ways you track client data on your site.

Just make that list – on paper – or a Word doc or such.

That will be enough for one day.

See Step 1 in my GDPR Guide for lists to get you going.

Keep in mind that WordPress 4.9.6 will be out soon.

It has an internal way to detect the ways you are tracking visitors based on your theme and plugins.

It will also create a rough draft of a Privacy Policy page for you, with that info in it.

So, just do the best you can with making your tracking list for today.

And then wait for WP 4.9.6 to come out and see what it detects, and then add anything missing that you have on your own list.

What to focus on next

Simple – create the next section of your Privacy Policy – the one that explains what you do with all the site visitor info you track.

Again, just make a list.

Here are a few ideas to get you started.

  • Do you use Google Analytics? Then you use those collected IP addresses to determine metrics on your site.
  • Do you use Facebook Pixel Tracking? Then you use those collected IP addresses to serve targeted ads on Facebook.
  • Do you have a newsletter optin? Then you use that to send folks your blog posts or other helpful info.

See how easy this is?

Go visit Step 2 in my GDPR Guide for more guidance on this phase. But don’t get bogged down in all the extra email collecting info in that section.

Just stick with making this little list for now.

What’s Next?

Pick some places on your site where folks can easily find your Privacy Policy.

And again, make a short list of them.

Now, we don’t have that page posted yet, so we don’t have a link yet.

But, we can poke around our site and get ideas for the best places to put it.

In fact, poking around is all we need to do right now.

Keep in mind that WP 4.9.6 is going to help us with that too, as are new plugin updates.

So, all we want to do in this phase is choose a few easy places where we can add a link.

Easy link places include:

  • Somewhere in your navigation menu. That could be in a footer menu, or a drop-down from your About page or such too.
  • Near an optin. Maybe you use a plugin that doesn’t have a place for you to add an extra link yet. Maybe it will one day. In the meantime, can you create a new Text widget with that?

We’ll also need a link in our comments area. We’re going to wait and let WP 4.9.6 take care of that one for us.

See Step 4 in my GDPR Guide for more link placement ideas to add to your list.

Now what?

How you conduct your email marketing, and what you need to do to be GDPR compliant with it will be one of those topics that will be debated forever, as we all make our way through these new changes.

As a U.S. based blogger, that does not specifically target EU citizens, you’ll have a LOT of gray area to work with here.

If you have super simple email marketing practices, this is going to be easy for you.

Like at BlogAid. If you sign up for BlogAid News then you’re going to get:

  • my blog posts via email
  • urgent site news
  • special offers and discounts only available to BlogAid News subscribers

And that’s all I have to tell you in my privacy policy too.

See how easy that is?

If you’re big on email marketing, and have a complex system, then you’ll need to dig into that.

See Step 2 in my GDPR Guide for examples to get you started.

But you’re also going to want to seek out other GDPR folks who specialize in big email marketing for even more advice.

Next thing

By now you should have most of what you need for your Privacy Policy.

It will include the lists you made for:

  • What data you collect
  • What 3rd parties you share that data with, and links to their Privacy Policy
  • How you use the info you collect
  • A way to contact you, so a visitor can ask for their info to be modified or deleted.

Okay, you’re ready to post the first draft of your policy.

And realize that it is a work in progress that you will be editing as we all go through this, and new info becomes available.

Once that is published and you have a link, then put it in the easy places you listed.

Don’t worry about the rest for now. Just get this much done.

Last 2 things

As of this writing, May 9, 2018, I’m still vetting the best plugins for us to use.

We’ll need a plugin to create a little pop up to:

  • Notify visitors that tracking and cookies are in use, and turn off that tracking until visitors say okay
  • Provide a button that visitors can click to give consent, so all that tracking can be turned back on
  • Provide a way to record that consent was given

We’ll also need a plugin or a service to help:

  • Provide a way to produce a report on demand of that visitor consent
  • A way to modify the data, per a visitor’s request to do so

Some that help will be provided by WP 4.9.6.

Some will be provided by our vendors, like our email list service (Mailchimp, Aweber, etc).

And some may be provided by other vendors, like other plugins that have an all-in-one GDPR service. But those can be expensive and some of them even scare me a little with regard to site security.

I’m vetting and testing all of this stuff as fast as I can. I’ll post more when I have it.

Just watch for those posts on BlogAid. That’s all you have to do.

Keep in mind that I have to find something to work for me too, so I’m on the ball with it.

Bonus Points

Ultimately, you, as the site owner, will be held responsible for keeping all of the data you collect secure.

Get a site audit.

On average, I find 26 security holes and performance drags that no plugin can detect.

2 birds – 1 stone – we’ll get your site speedy while we’re at it. Don’t let all this GDPR hoohaa make you forget that speed will become an SEO ranking factor in July.

Be patient with GDPR stuff and yourself

The GDPR police are not likely to come after you or your blog on May 26, 2018.

It’s also not likely that site visitors will suddenly demand that you get their consent for tracking first, or produce a report of consent on that date either.

Take the easy steps you can today.

Wait on help that is coming for the rest.

Add what you need, as you go.

Breathe, it will be alright. We’ll get through this together.

Disclaimer

I am not a lawyer. This post is for informational purposes only and should not be taken as legal advice. Do your own homework on GDPR. Due to the legalities of all this, I do not offer GDPR compliance services. But I will do my very best to help you stay informed so you can do this for yourself!!!!

TwitterFacebookPinterestLinkedinRedditWhatsApp

Filed Under: GDPR

About MaAnna Stephenson

MaAnna is a geek who can still speak in plain English. She helps DIY site owners plus webmasters and designers create sites that are secure, perform well, and get noticed by search engines and readers.

  • Facebook
  • Google+
  • LinkedIn
  • Pinterest
  • RSS
  • Twitter
  • YouTube

This book could save you hundreds of dollars and months of frustration. Get it free with your subscription to BlogAid News plus my blog posts.
Privacy Policy



Reader Interactions

Comments

  1. Liss says

    May 9, 2018 at 5:32 am

    MaAnna, This an amazing amount of information and you’re wonderful to lay it all out like this for us.

    Gotta say, I’m still feeling a little overwhelmed (smile) but you’ve made me less so with this breakdown.

    Thanks for the guide to getting started.

    Happy day to you.

    Reply
    • MaAnna Stephenson says

      May 9, 2018 at 8:34 am

      I was feeling pretty overwhelmed with it myself!! Now that I’ve checked into it more and get the overall view, and have a plan to work on a little each day, I feel a lot better!

      Reply
  2. Tipper Pressley says

    May 9, 2018 at 7:45 am

    I feel so much better! I’ve been in freak out depressed mode since I read Tips Tuesday yesterday. It seems so overwhelming!!! BUT you’ve made it seem doable today : ) Thank you for talking me off the ledge LOL!

    Reply
    • MaAnna Stephenson says

      May 9, 2018 at 8:35 am

      Same here Tipper!! It was plain that the big thing to address with this was that overwhelm feeling.

      We can do this!!!

      Reply
  3. Debrashoppeno5 says

    May 9, 2018 at 9:39 am

    I am so glad you are breaking it down for us. Because yes the tech stuff does overwhelm me. And we are getting so much information which can also be overwhelming. Thank you for being there.

    Reply
    • MaAnna Stephenson says

      May 9, 2018 at 11:52 am

      Glad it’s helpful Debra!!! Good to get it in bite size pieces.

      Reply
  4. Dee says

    May 9, 2018 at 10:03 am

    Bless you, MaAnna!!!!! This helps SOOOO much!!! What would we do without you?!?!?!?

    Reply
    • MaAnna Stephenson says

      May 9, 2018 at 11:53 am

      Woot!! Glad it’s helpful, Dee!!!

      Reply
  5. Marlys Arnold says

    May 9, 2018 at 2:38 pm

    Thanks for the chill pill! After feeling like GDPR has become my entire life for the past two weeks (at the expense of my real work), it’s good to hear the world won’t come to a screeching halt on May 25. (Kinda like Y2K …) And just FYI, here’s what Bloomberg tweeted yesterday: “Europe may come to regret its new data rules” (Ya think?)

    I’m still moving forward on this … finished my Privacy Policy revisions last night & will post later today (with more changes to come after the WP update). Now I just need to decide how to approach my e-mail list … whether to force everyone to reconfirm, or just the 5% or so that are non-US based. (I’m leaning toward the latter option.)

    Reply
    • MaAnna Stephenson says

      May 9, 2018 at 4:24 pm

      Yeah, I think we all needed a chill pill. The frenzy was getting to be too much.

      I was an electronics engineer for 30 years and involved in updating systems to avoid the Y2K thing. That’s why it seemed like a non-event. A lot of folks worked hard to make it so!! But this thing – oh my word. It’s going to hit a lot of wallets, in every kind of way!!

      Agreed about thinking through the email list options for sure!! That will probably be the last thing on my list. But, I had intended to make changes to my optin anyway, both the freebie, and the way the segment is set up. So, this will be a good time to tackle all of that.

      Reply
  6. Christie Hawkes says

    May 10, 2018 at 11:28 am

    Thanks for talking us all down. As you know, I’m still getting through the https transition. And then GDPR is right on my heels. I’m off to read your guide. Thanks MaAnna!

    Reply
    • MaAnna Stephenson says

      May 10, 2018 at 2:59 pm

      Yeah, I had to take a day off from it and get some perspective about all the GDPR stuff. We definitely don’t want to panic or make knee-jerk reactions that hurt our site, or make things worse with other changes coming very soon, like WP 4.9.6

      Reply
  7. FLORENCE says

    May 13, 2018 at 9:40 pm

    Thanks for all this MaAnna. I took my chill pill a while back. I’m just waiting to see how all this will come down & in the meantime, I’ll work on my Privacy Policy.

    Reply
    • MaAnna Stephenson says

      May 14, 2018 at 11:28 am

      Good for you, Florence!! I’ll have more news on it as I complete my tests.

      Reply
  8. Alex says

    May 18, 2018 at 3:55 am

    So everyone who has a tracking account with Google is collecting IP addresses! I did not know and barely look in Google Analytics because I find it all too much! And Google is reading the visitors IP address from their…browser?

    I am actually glad that higher levels of data protection are being forced onto web businesses even if I find it confusing.

    Thanks for giving us a step by step MaAnna

    Reply
    • MaAnna Stephenson says

      May 18, 2018 at 11:52 am

      Alex, let’s be very clear about this.

      YOU, as the site owner, and Google Analytics account holder, have access to the data that Google Analytics collects.

      Google does not have access to that data. Nor does any other Google related product except Search Console, if you choose to hook them together.
      And that is an account you privately own too. Google can’t see it either.

      Reply
  9. Bonnie says

    May 22, 2018 at 2:26 pm

    Thanks so much for this info! It is totally overwhelming. To someone’s question above, what are your thoughts on sending an email to your entire list to have them re-opt in? I’m not sure if that’s necessary or not! Thanks!

    Reply
    • MaAnna Stephenson says

      May 22, 2018 at 4:19 pm

      I’ve been talking about the email situation a lot in my livestreams on the BlogAid Facebook page. You’ll want to check all of those out, as each one has good tips.

      Reply
      • Bonnie says

        May 22, 2018 at 4:48 pm

        thank you I will!

        Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

This book could save you hundreds of dollars and months of frustration. Get it free with your subscription to BlogAid News plus my blog posts.
Privacy Policy

Hi! I'm MaAnna, and a geek who can still speak in plain English. I help DIY site owners plus webmasters and designers create sites that are secure, perform well, and get noticed by search engines and readers. How May I Help You?

Let’s Connect

  • Facebook
  • Google+
  • LinkedIn
  • Pinterest
  • Twitter
  • YouTube

Looking for Something?

Search by Category

Footer

BlogAid News

This book could save you hundreds of dollars and months of frustration.

Get it free with your subscription to BlogAid News plus my blog posts. Privacy Policy

From the Blog

  • Scriptless Social Sharing Plugin: Best Settings for Speed and Looks
  • Tips Tuesday – Video is Huge, 2 Free Webinars, Social Share and Pinterest Case Study Update
  • Tips Tuesday – Sticky Bar Plugins, Gutenberg Phase 2, Safely Update Plugins
  • Tips Tuesday – Site Speed, Protect Images, Google and PDFs, WP 5.1 Security
  • Tips Tuesday – Site Security, MediaVine Research, Genesis 2.8, Gutenberg Phase 2
  • Collection #1 Data Breach and Your Site Security
  • Genesis 2.8 Promises a New Theme Experience
  • Tips Tuesday – Site Speed Up, WordPress 5.1 Beta, Survey Results, TinyMCE Advanced Update

© 2019   Blog Aid · WordPress for Non-Geeks · All Rights Reserved

Disclosure: Some of the links on this website may be affiliate links. When you make a purchase from these links, I earn a small commission.
While commissions allow me to keep this site 100% free, I only endorse products I trust and use for myself and clients.