One of the most significant changes to the internet and online privacy was made earlier this year – the General Data Protection Regulation. This EU data protection directive affects every business with an online presence – even those who operate mostly in the US. It’s essential that you take steps to ensure your site is GDPR compliant to avoid any fines – which can be up to 4% of your total worldwide annual turnover of the preceding financial year. To keep your business and your customers protected, tackle these five tasks.
Use GDPR-Compliant Plugins
Streamline Forms to Limit The Data You Collect
You may utilize forms on your site to collect data from your users. To be GDPR compliant, you should only obtain the fields you require for processing. Moreover, as soon as you no longer need the data, it should be destroyed. This includes any data collected by plugins you have installed. Look for those that include a “do not store form data” option and select it to reduce risk.
Filter Mailing Lists
If you have a mailing list, it should include double opt-in, meaning that a user must confirm their subscription via email after they sign up. While GDPR does not require double opt-in, but it does ensure that you can prove consent was provided, which is required. If your mailing lists come from a third party, stop that process immediately. If those contacts did not consent to their emails being passed on, you would get busted by GDPR.
Make sure your emails always include an unsubscribe button at the bottom – especially if your contacts may have come from outdoor sources.
Stay GDPR Compliant
If you make these efforts, and in general work on being transparent and honest with your data usage to your site visitors, you shouldn’t have a problem. If you’re unsure whether or not your site is compliant, always consult a legal expert. Remember that at the end of the day, keeping your user’s data safe is right for them, and good for your business.