The 4 Things You Need to Be GDPR Compliant


First off I just want to remind y'all that I'm not a lawyer so this isn't legal advice, but things I've discovered or learned in my journey to be GDPR compliant.

So I recently sent out an email to my list about GDPR and if they wanted to still be hearing from me after May 25, 2018 once GDPR goes into effect. I had several people emailing me asking me what on earth it was and what they need to do in order to comply with the new law. If you haven't heard about GDPR (General Data Protection Regulation) you can learn more about it here

My friend Andrea over at The Creative Spring just posted a wicked helpful blog post on those 4 things and goes into more detail about what exactly you'll need to do. You can read her full post here.

In the meantime, I wanted to give you a quick peek at her post about the 4 things that you'll need to do before May 25 in order to be compliant with the new law.

*Some of the links below are affiliate links, meaning, at no additional cost to you, I will earn a commission if you click through and make a purchase. I only promote products I've actually used and believe would be useful or beneficial to others. 

1. Update (or add) terms and conditions and privacy policy on your website

Rather than copy together a bunch of different Terms and Conditions and Privacy Policy from various sites I opted to purchase a lawyer-approved one from The Contract Shop*. Until May 28, 2018 they're running a 40% sale which includes the Terms and Conditions and Privacy Policy! If you don't have this page on your site yet, read this post about why you need to have one.

2. Add a Cookie Policy popup on your website

While Squarespace does have this as a feature you can enable on your site, it's a bit ugly (TBH) and totally not on-brand (which I think is wicked important), which is why I love that there are designers out there who are sharing how to customize it to fit your brand!

3. Scrub your lists in your email program...and delete people from EU or send them a notice to agree to stay on your list

So this one has a couple different ways you can go about it and personally I chose to just use a template that MailerLite had to send an email to my list telling them to either resubscribe or unsubscribe. You can also do what Andrea did and delete people individually if they're in the EU or you can't tell where they're from.

If you've got MailerLite here's a quick tutorial on how to send your list that resubscribe/unsubscribe email — Part 1, Part 2, Part 3.

4. Update your opt-in process to make people agree to be on your lists

This step is a bit more tedious especially if you've got a several opt-ins or subscribe buttons on your site. Essentially what I'll be doing is creating an opt-in landing page through MailerLite and where I'd normally have people sign up directly on my site, they'll now need to click the button and be taken to the landing page that is GDPR compliant. It's a bit tedious and will mean people need to click a couple more times but if it means I'm compliant than I'm okay with that. 


More Posts You May Like