What every blogger needs to do:
- Send out a GDPR consent email to their newsletter list
- Prepare their blog policies and analytics for the GDPR
WTF is GDPR?
I bet you’ve been getting TONS of emails the last two weeks that mention something called the General Data Protection Regulation. So what is it?
The definition: The General Data Protection Regulation (GDPR) is designed to enhance data protection for European Union residents and provide a consolidated framework to guide business usage of personal data across the EU.
The Quick Facts:
- Comes into effect on May 25, 2018
- Designed to give each individual more control of their personal data
- Affects more than email; includes monitoring the behavior of individuals, which practically every website and app tracks digital activities of its visitors in some fashion
So now that you know what it is and how it affects you, let’s talk about how you can prepare for it.
How to Send a GDPR Email
Sending a GDPR email is a breeze.The idea of the email is to have each individual verify they want to receive your emails. (If you use ConvertKit, you can follow their Cold Subscribers email instructions to build a similar email that will track people who want to opt-in to your list.)
The GDPR email needs two things:
- A brief (or long, whatever your writing style is!) description of why you’re asking them to re-opt-in to your list
- A link to let them opt-in
So what does a GDPR email look like? There are great GDPR emails out there to inspire you, but my all time favorite came from Katelyn at Studio 1862.
A caveat: If your email list is only built from people who have opted into your list—no list sharing from joint competitions, no list buying, no customer purchaser added to the list without their consent—you can skip the GDPR email. However, no matter how you have your list, you should regularly have re-engagement campaigns. If you’ve never done that, then this GDPR email would be a great first start!
GDPR, Data Collection, and Your Analytics
GDPR affects more than email; includes monitoring the behavior of individuals, which practically every website and app tracks digital activities of its visitors in some fashion. (You’ve probably seen alerts from Google Analytics about their changes.)
Google has been rolling out some new features to help make this happen. In Analytics, you now:
- Have the ability to delete the information of individual users if they request it
- Can control how long individual user data is saved before being automatically deleted
This only applies to data about individual users and events, so aggregate data about high-level information like page views won’t be impacted by this.
If you want to do some high-level reading about this, check out GDPR: What it Means for Google Analytics & Online Marketing and How to Prepare Your Google Analytics Account for GDPR. If you want the quick version, read on!
Update your Privacy Policy
You need to update your website’s privacy policies, cookie consent forms, and sign up forms if you have them. And they can’t be vague, generic messages like, “we collect this to send you stuff that will make you happy!” It has to be specific. And it needs to be easily understood, so ditch the legalese. You can find examples of GDPR website privacy policies and sign up forms here.
Your privacy policy should answer the following questions:
- Who is collecting the data?
- What data is being collected?
- How will the information be used?
-
Will the data be shared with any third parties?
-
How long will the data be stored for?
-
How can the data subject raise a complaint?
If you’re not up to crafting your own, you’re welcome to copy my privacy policy page.
Cookie Policies and Consent Forms
Your cookie consent forms should be specific. Below is a concise example of a cookie consent form. Here’s the link to this GDPR compliant company’s cookie policy.
Sign Up Forms
This one is pretty easy. Come up with a one-sentence description of exactly what the user’s data will be used for.
So it that everything?
Honestly, this just scratches the surface. I’m sure in the next few months we’ll have more information coming out about GDPR best practices. But for now, this will help small businesses and bloggers take the first step to being ready.
If you need any help crafting a GDPR email, just reply to this and I’m happy to help! It can be on any platform, not just ConvertKit.
Good luck in your GDPR prep!
—Sarah
Want to get more simple DYI design tips and strategic marketing advice? Then sign up already!
Leave a Reply