GDPR? What on earth is she on about?

Which one of the following best describes you?

Unfortunately, I hate to burst the bubble, but if you run an online business and you have the option for people to sign up to a newsletter, freebie or anything else on your website anywhere on this beautiful planet, you best read on! I’ll keep this relatively jargon-free and easy to read.

The General Data Protection Regulation comes into effect on 25th May 2018. What is it?

This regulation coming into effect is a much stricter one than the one currently in place. As you may or may not know, the EU is already very touchy about their citizen’s privacy. By changing the current regulation to this one, they want to give the EU citizen greater control over how their personal data is used and stored.

Why is this important for your business?

The EU body looking after this regulation has expanded the territory worldwide. If your business’  intention is to offer goods or services in Europe, you will be subject to the imposed penalties as well as held accountable for how and where you store their data. Breaches and unethical practices could see you facing fines of 4% of our annual, global turnover or 20 million Euro (whichever is highest). 4% might be a drop in the ocean, however, I have a slight hunch none of us want to be dealing with the headache nor the paperwork and time-wasting that will inevitably come with this.

What does this ‘clear and concise language’ actually entail?

It’s all about the consent request and how you deal with the information you receive from the individual afterwards.

  • You must ask everyone to positively opt-in = a clear question asking them whether they wish to be added to your marketing list with a by default unticked ‘Yes’ box.
  • Double opt-in activated (soft opt-in is not considered as consent)
  • Do you specify clearly what they are signing up for? Or is it vague or non-existent?
  • Have you specified why you want the data an what you intend to do with it?
  • Do you only ask for the necessary information?
  • How clear is it they can unsubscribe at any stage without implications to them?
  • Consent should not be a pre-condition of service (if they are signing up for a freebie and they say no to being added to the marketing list, you still have to send them the freebie)
  • If you are working or offering content to kids up until the age of 16, you must gain parental consent

Some of these points can be covered in your privacy policy. Make sure it is up-to-date and clearly displayed on your website. I advise you to link it up with every sign-up box you have on your website. Better to be safe than sorry.

How do you manage this consent?

  • Keep a record of the person giving you consent. I am sure most systems have a custom field/questions area you can add to the form, do not delete this at any stage (export a list of your contacts regularly to keep a record of this).
  • If you decide to change the wording, create a completely new question as you must have a record too of what the person was asked at the time of giving their consent

Some extra good-practice tips

  • Get your privacy policy looked at by a lawyer ensuring it is up-to-date with the latest regulations (I seriously insist on your doing this, this is my lawyer telling me to tell you)
  • Review your processes regularly
  • If you discover a breach, notify everyone immediately and tell them how you are dealing with this
  • Make it easy for people to unsubscribe from your list (believe me it helps you in the long run)

Disclaimer: I am not a lawyer and this is by no means legal advice (I binge-watched all the Silk seasons and I could probably have a good crack at it but those wigs would look horrendous on me). Check everything over with your lawyer! 

I have created a handy checklist for you. If you wish to receive it and tick those boxes sign up below!

*You will be added to my ‘GDPR list’. Unless you explicitly tick ‘yes’ to receiving further information from me, you will only receive updates relating to the GDPR. If all you want is the guide, click unsubscribe immediately after you have received the guide.

Are you an ActiveCampaign user? I have created an exquisite guide (even if I say so myself) to help you spring-clean your account and get it GDPR-ready. Go here to find out more.

Have questions? Ask me anything.