GDPR Compliance and Data Protection

William Jeffree

Those pesky EU bureaucrats are at it again, poking their noses into our world wide web and trying to protect our personal data from being exploited by nefarious internet baddies. TYPICAL. It’s political correctness gone mad I tell you! GDPR Compliance? We should probably be spending that money on the NHS and building walls to stop immigrants surely!? I expect to see tractors blockading the streets of Berkhamsted any day now.

I jest of course. But GDPR is on its way, coming into effect from 28th May this year. Lots of people seem to be getting their knickers in a twist, but there’s really not much to worry about. The good news is that the rules on how companies store our personal data are getting an upgrade. The original Data Protection Directives were written in the mid-nineties, when we were all stockpiling AOL startup discs, so this stuff is loooong overdue. The internet has grown into a behemoth of data collection and direct marketing annoyances, so anything that tries to tidy up and control the Wild West Web has got to be a good thing if you ask me.

There’s more to unpack in the GDPR (or General Data Protection Regulation) than we have the time or inclination to cover here. But the EU’s been kind enough to put together this really snappy and easy to digest 88 page PDF document if you’re interested. Lols. OR, you can watch this video we found on YouTube that covers the bulk of it in a couple of minutes.

The minor bad news is that anyone whose website collects and stores information about its customers probably needs to put a bit more effort into how they explain this process to their fanbase, both old and new. Not the end of the world by any means, and for the vast majority of our clients there are only two things that need to be addressed:

DISCLAIMER: We’re not lawyers, or in any way qualified to offer legal advice. What follows is purely our game plan for becoming GDPR compliant with a pretty standard WordPress ecosystem – based on what we’ve read online, and the absolute zero advice from our local MEP and Chamber of Commerce. We believe the following is enough to become GDPR compliant. If you’re in doubt or want more legal advice, we suggest you call a lawyer. Thumbs up!

1st Thing: Explicit Consent

For anyone that’s using a contact or enquiry form on their website, chances are the details of those enquiries are being stored at the server level, and can be accessed through the WordPress dashboard. This is great when you need to come back to it periodically to collect up customer details, or prepare an email newsletter for example. The only thing that might need to change now is the EXPLICIT use of language when they’re submitting their enquiry or Newsletter request. A simple tick box will suffice, coupled with a brief explanation that all enquiries will be securely stored for future direct communication.

2nd Thing: Privacy Policy

The second thing you’ll need to make sure is in place is your Privacy Policy page. This is where you can explain in detail your good intentions for people’s personal data, how you’re planning on using it, reassuring them you’re not going to sell it, or lose it, and that they have the freedom to request its deletion if they wish. Under the new law, customers have the right to easily request what you have on file about them, and have that data deleted without any fuss if they wish. If you’re familiar with your WordPress forms, you’ll already know how to locate individual submissions you’ve had through the site. If you’re contacted directly by a customer you’ll be able to send them a CSV export of their submission as well as delete it permanently on request.

Get Compliant for only £50

The changes that need to be implemented aren’t terribly tricky, so if you’re confident with WordPress and understand the changes to the law, you should be fine adjusting your WordPress site in house. However, if you’re not finding the prospect too thrilling, or you just want to get it done quickly and correctly – we’re offering to upgrade our existing clients’ sites for the bargain price of £50 + VAT. Easy peasy.

We have standard Privacy Policy and Consent texts ready to roll, which can be edited and expanded upon should you wish. So just give us a call, or send us an email, and we’ll book in the upgrade when you’re ready to enter the brave new world of increased data security!

Congratulations if you made it to the end of this thrilling blog! I applaud you!