The General Data Protection Regulation (GDPR) is a recent mandate of the European Commission and is designed to strengthen and unify data protection. It is being enacted May 25th of 2018. With this implementation, there will be a number of changes in the way that data is stored – thus affecting many people’s websites. This is because even if you live in the U.S., if you collect data from someone in Germany, your site has to meet the EU (European Union) standards so users can manage their data.
But, what does it mean to have a WP site that is GDPR compliant? And, perhaps even more important, what do you need to do to be in compliance? Well, the good news is that the team at WordPress is working diligently to GDPR-proof the Core code before the May 25th deadline; however, there are things you will need to do. These include:
- Explain who you are, who on your team has access to information, why you need said information, and how long you will be keeping the garnered information. Much of this information can be included in a Terms of Service or Privacy Policy that meets the GDPR’s standards. You will need to provide detailed instructions for various actions.
- Include a statement which assures guests that, in the event of a security breach or hack, you will let them know it occurred.
- Provide users with complete access to their own data, with the option to download it or delete it completely from your records. Your Privacy Policy will need to clearly explain how to download or delete their data from your records.
- Obtain clear consent to collect data through an opt-in. This means users must have the ability to clearly state “yes”, not just have the option to say “no”.
Your Privacy Policy will need to explain explicitly how these action items will be accomplished. In fact, the more info you can provide in the Privacy Policy the better. Essentially, be transparent with your site guests so they can be assured their information is safe and that you are not asking them for more information than is actually needed.
Of course, while getting your site GDPR compliant may mean more work, it does come with several benefits for your company. Here are a few:
- You are increasing your cybersecurity, because you will have to establish thorough control over the entire IT infrastructure.
- There is better data management as you will be getting rid of redundant, obsolete and trivial information.
- You can increase your ROI and fine-tune your approach because you are able to tailor your marketing campaigns based on a specific audience.
- Being GDPR compliant lets your guests know that you value their loyalty and trust.
If this seems overwhelming, don’t let it stress you out. The WordPress team is working hard to keep your responsibility at a minimum. But, if you still have questions about GDPR compliance and doing your part to get your site up to standard, then talk to the team at Page Progressive. We will be happy to answer your questions and help you.