What every blogger needs to do:
- Send out a GDPR consent email to their newsletter list
- Prepare their blog policies and analytics for the GDPR
WTF is GDPR?
I bet you’ve been getting TONS of emails the last two weeks that mention something called the General Data Protection Regulation. So what is it?
The definition: The General Data Protection Regulation (GDPR) is designed to enhance data protection for European Union residents and provide a consolidated framework to guide business usage of personal data across the EU.
The Quick Facts:
- Comes into effect on May 25, 2018
- Designed to give each individual more control of their personal data
- Affects more than email; includes monitoring the behavior of individuals, which practically every website and app tracks digital activities of its visitors in some fashion
So now that you know what it is and how it affects you, let’s talk about how you can prepare for it.
How to Send a GDPR Email
Sending a GDPR email is a breeze.The idea of the email is to have each individual verify they want to receive your emails. (If you use ConvertKit, you can follow their Cold Subscribers email instructions to build a similar email that will track people who want to opt-in to your list.)
The GDPR email needs two things:
- A brief (or long, whatever your writing style is!) description of why you’re asking them to re-opt-in to your list
- A link to let them opt-in
A caveat: If your email list is only built from people who have opted into your list—no list sharing from joint competitions, no list buying, no customer purchaser added to the list without their consent—you can skip the GDPR email. However, no matter how you have your list, you should regularly have re-engagement campaigns. If you’ve never done that, then this GDPR email would be a great first start!
GDPR, Data Collection, and Your Analytics
GDPR affects more than email; includes monitoring the behavior of individuals, which practically every website and app tracks digital activities of its visitors in some fashion. (You’ve probably seen alerts from Google Analytics about their changes.)
Google has been rolling out some new features to help make this happen. In Analytics, you now:
- Have the ability to delete the information of individual users if they request it
- Can control how long individual user data is saved before being automatically deleted
This only applies to data about individual users and events, so aggregate data about high-level information like page views won’t be impacted by this.
If you want to do some high-level reading about this, check out GDPR: What it Means for Google Analytics & Online Marketing and How to Prepare Your Google Analytics Account for GDPR. If you want the quick version, read on!
You need to update your website’s privacy policies, cookie consent forms, and sign up forms if you have them. And they can’t be vague, generic messages like, “we collect this to send you stuff that will make you happy!” It has to be specific. And it needs to be easily understood, so ditch the legalese. You can find examples of GDPR website privacy policies and sign up forms here.
- Who is collecting the data?
- What data is being collected?
- How will the information be used?
- Will the data be shared with any third parties?
- How long will the data be stored for?
- How can the data subject raise a complaint?
Cookie Policies and Consent Forms
Sign Up Forms
This one is pretty easy. Come up with a one-sentence description of exactly what the user’s data will be used for.
So it that everything?
Honestly, this just scratches the surface. I’m sure in the next few months we’ll have more information coming out about GDPR best practices. But for now, this will help small businesses and bloggers take the first step to being ready.
If you need any help crafting a GDPR email, just reply to this and I’m happy to help! It can be on any platform, not just ConvertKit.
Good luck in your GDPR prep!
Want to get more simple DYI design tips and strategic marketing advice? Then sign up already!