Your inbox has exploded with GDPR emails, but you’ve waited to take action, like me? I figured a roundup resource pointing quickly to tools that will help you (and me) get these tasks done in the least amount of time was warranted.
This blog post is information as a resource, not legal advice. I recommend you contact your legal counsel to find out how the GDPR affects you.
Update May 23, 2018: I was going mad with ALL of the information. Here are my top highlights.
- Reword Privacy Policy, Terms & Conditions, Cookie Policy in easy-to-understand language (not legalese)
- Continue to update those pages with links and information as my providers release updates (i.e. PayPal hasn’t yet released official info I can include)
- DO include a cookie notice. Double check to see if acceptance will be saved, even if I switch plugins at some point.
- DON’T send an email requesting secondary confirmation. Just continue sending the same kinds of emails that people signed up for (i.e. customers should receive product updates; newsletter subscribers, newsletters)
- Follow the recommendations from this official source, not everyone else
- Breathe…In and Out… and repeat…
That’s it….I’m cutting out the rest of the red tape (for now anyway)
It’s especially tricky if you’ve been in the online world a long time, like me. I’ve used so many services that might pick up residual information (IP addresses, first name, and email addresses). I’ve started by installing a free plugin that helped walk me through some of the most obvious scenarios (and several I hadn’t thought of). It connects to my WooCommerce shop.
Note: Apologies for the rough edges around this post. I’ve been working on it off and on for a few weeks & now that we’re only 14 days away, I feel the need to hit publish before going camping this weekend. I’ll tidy things up as soon as we’re back.
- GDPR and why you don’t need to worry too much
- Wikipedia explanation of General Data Protection Regulation
- Going through this exercise will actually help you
- Facebook’s info about GDPR
- Really easy to read “Eight Practical Steps for Micro Business Owners” from the Information Commissioner’s Office UK
My To Do List:
- Newsletter tasks
- send consistent engaging content for the next couple of weeks (before May 25th)
- simultaneously, start segmenting EU subscribers (and unknown) from others. Two new groups/segments called “EU-confirmed” and “EU-non-confirmed”
- begin sending additional “re-confirm” emails to EU list (no longer recommended)
- anyone who is still in the “EU-non-confirmed” list must be deleted by end of day Thursday, May 24th (at the latest)
- include link to my new GDPR page, with instructions on “how to delete records”
- test out landing pages in Mailchimp with the notification bar & segmentation
- Update Privacy Page with Zapier DPA info when it’s released (mid-week)
- Freebie Opt-Ins
- Revise wording on opt-in pages
- turn on GDPR tools
- request permission to sign up for marketing emails in a separate transaction (not a condition of freebie) – or ask people to sign up for newsletter and receive a bonus offer
- whenever possible, create an email course, to warrant an email follow up series (with an invite to sign up for newsletter)
- add a separate checkbox (unchecked by default) to opt-in for newsletters
- update list “forms” to include link to privacy page
- return to my old method of offering freebies with immediate access (no opt in required) and invite people to opt in if they enjoy what they see/read.
- Analytics
- Review data that was collected from EU residents prior to adding consent clause. Delete this data, or delete ALL data, prior to the 24th
- delete data from mixpanel, if I’m no longer using it
- ___________
- Shopping Cart
- continue the conversation with Lindsay about getting an EU Rep (it looks like I may need to, even though I only use Stripe and PayPal)
- Add in clause from Stripe and PayPal to my new GDPR friendly Terms and Conditions page
- Check to see if I have ‘usage tracking’ turned on in WooCommerce
- Website Host
- Check with host to see if there are any potential data concerns
- Add info to TOC about the data that would be stored with my webhost
- Online Storage
- Box.com – check to see if I’m in compliance (not storing any confidential info)
- Add links in privacy document to DPA of any connected services
- Calendly
- Mailchimp
- Mailerlite
- Google Analytics
- Namecheap Hosting
- Teachable
- Freshdesk
- Cloudflare
- Typeform
- AffiliateWP
Do you want a printout of this post? Go to printfriendly.com or click the button below.
How freelance marketers can stay ahead of the GDPR regulations
Most entrepreneurs are looking at their newsletter provider first, but there are many other things you might need to look at, like:
- Payment Provider
- Shopping Cart
- Website Forms
- Online Community
- Analytics
- Website Host
If you’d like a checklist to help with GDPR compliance for your email list, there’s one here:
- Opt in (no sales pitch after) for email checklist: https://www.andrewandpete.com/gdpr-compliance/
Mailchimp
Just enabling GDPR fields on your signup forms will not make you compliant. It’s the first part of a multi-step process. Here’s how it works.
Set up your GDPR-friendly signup form
- Enable GDPR fields
Turn on GDPR fields for the signup forms for each list affected by the GDPR.
- Edit GDPR fields
MailChimp provides suggested language for GDPR fields to make it easier for you to create your GDPR-friendly forms. You might need to edit this language to fit your marketing plan, so be sure to review it carefully. If you choose to write your own descriptions, make sure you’re explicit about why you’re collecting data.
This non-editable field lets your contacts know that you’ll be storing their info in your MailChimp account, so there’s no need for you to describe this storage activity in the legal text field of your form. A link to MailChimp’s Privacy Policy and Terms is included.
- Setup GDPR for each of your lists
- Creating a segment – only send mail to people who confirm consent
- Use their ‘ready to send’ template to get GDPR consent from existing subscribers
- Add a notification bar to landing pages
Read the rest here:
- Collect Consent with GDPR Forms: http://eepurl.com/dqP8Bb
- About the General Data Protection Regulation: http://eepurl.com/c97Tcr
- About MailChimp, the EU/Swiss Privacy Shield, and the GDPR: http://eepurl.com/c567FL
The GDPR is complicated, but complying doesn’t have to be. In just a few clicks, you can create a signup form that helps you adhere to the GDPR. Learn more about our new form fields
MailerLite
Mailerlite is still building out their export feature (right to be forgotten) but they have some other steps you can work with right now. The first one is to create an email campaign asking any EU subscribers for their consent. They’ve created a template that makes it easy to get started.
- use the Mailerlite Template to revalidate subscribers
- Read more here: https://blog.mailerlite.com/gdpr-and-how-compliance-can-improve-your-email-marketing/
Active Campaign
GDPR is a wide-ranging regulation that may affect a lot of areas of your business. To help out, they put together a few steps and resources you can go through to prepare. Here’s what they say:
- GDPR requires you to have a Data Processing Agreement with ActiveCampaign to govern how we process your data. We’ve prepared a DPA that you can use, which you can request through this form.
- We’ve updated our site tracking feature to be in line with GDPR requirements. You can set up the updated site tracking by following the steps in this help doc.
- Visit our GDPR updates page and go to the “Tips to Prepare” tab to make sure you know how to set up double opt-in, as well as delete, update, and export contact information.
- Listen to our GDPR podcast as we interview attorneys from Perkins Coie LLP to get up to date on what the regulation means for businesses like yours.
- https://www.activecampaign.com/gdpr-updates/
- https://help.activecampaign.com/hc/en-us/articles/360000872064-Site-tracking-and-the-GDPR
- https://community.activecampaign.com/t/gdpr-general-data-protection-regulation-compliance/4625/8
- Sending Transactional Emails
Selling your courses, products, membership or services
Mighty Networks https://hosts.mn.co/posts/meet-our-new-friend-gdpr
Teachable: They’re building an export tool (right to be forgotten) as well as adding GDPR friendly consent forms for when students sign up for a class/course http://blog.teachable.com/gdpr
Woocommerce Shop
- https://woocommerce.com/2017/12/gdpr-compliance-woocommerce/
- If you have anonymous usage tracking turned on, review this post https://woocommerce.com/usage-tracking/
Shopify Store
https://www.oberlo.ca/gdpr-compliance-ecommerce-shops
https://help.shopify.com/manual/your-account/GDPR/GDPR-Shopify
Ebay https://pages.ebay.ca/help/policies/privacy-policy.html
Formidable Forms: https://formidableforms.com/gdpr-compliant-formidable-forms/
Customer Support
(I’ll fill this section in when I return)
Freshdesk
Octane AI
Highlights:
Action Items:
Analytics and 3rd party services
Cloudflare: Are you connected to Cloudflare for image compression or an SSL certificate?
- https://blog.cloudflare.com/more-details-not-more-data/
- https://www.cloudflare.com/gdpr/introduction/
Google Analytics: https://privacy.google.com/businesses/
- This is really important. Any data collected prior to adding a “cookie consent” type of pop-up must be deleted
Understanding it:
- https://www.jeffalytics.com/data-retention-controls-google-analytics/
- http://www.blastam.com/blog/5-actionable-steps-gdpr-compliance-google-analytics
Mixpanel:
- easy end-user opt out
- quick response to deletion requests – https://help.mixpanel.com/hc/en-us/articles/360000345423-GDPR-Compliance
Affiliate WP https://affiliatewp.com/referral-types-opt-in-forms-gdpr-privacy-tools-and-more-in-affiliatewp-version-2-2/
This whole “having a representative in the EU” issue.
I have no idea what I will do about this (yet). I’m not keen on paying someone monthly or annually for this service, so I’ll look for a ‘pay as you go’ model (if there is one)
Here’s some information about this topic:
Appointing a representative: https://www.linkedin.com/pulse/appointing-eu-representative-paul-gillingwater-mba/
All of the links in one place
(it’s a long list)
- https://kimgarst.com/gdpr-what-marketers-need-to-know
- https://blog.varonis.com/gdpr-requirements-list-in-plain-english
- GDPR and why you don’t need to worry too much
- Wikipedia explanation of General Data Protection Regulation
- Going through this exercise will actually help you
- Facebook’s info about GDPR
- Really easy to read “Eight Practical Steps for Micro Business Owners” from the Information Commissioner’s Office UK
- Forbes: US Based Businesses https://www.forbes.com/sites/forbestechcouncil/2017/12/04/yes-the-gdpr-will-affect-your-u-s-based-business/#5980cc606ff2
- if you’re in Bschool, check out this post https://www.facebook.com/groups/571503882933914/permalink/1706471672770457/
- GDPR Plugin https://wpmayor.com/wp-gdpr-plugin-get-gdpr-ready/
- Amy Porterfield: http://www.amyporterfield.com/2018/04/gdpr/
- 3 part training from Bobby Klink https://members.youronlinegenius.com/GDPR
- Facebook group to join https://www.facebook.com/groups/GDPRforonlineentrepreneurs/
- a 4 minute read https://nilehq.com/journal/gdpr-for-dummies/
- Google Analytics and GDPR https://www.jeffalytics.com/data-retention-controls-google-analytics/
- opt in (no sales pitch after) for email checklist https://www.andrewandpete.com/gdpr-compliance/
- May 15th webinar http://www.damselgoesbare.com/gdpr/
- another ‘explained’ post https://www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice
- for authors http://selfpublishingformula.com/GDPR and https://selfpublishingformula.com/episode-117/ (add to sales section?)
- https://www.zdnet.com/article/box-intros-new-services-to-help-customers-prepare-for-gdpr-requirements/
- https://help.mixpanel.com/hc/en-us/articles/360000679006-Managing-Personal-Information?#optout-users
- https://help.mixpanel.com/hc/en-us/articles/360000345423-GDPR-Compliance
Examples from the real world
In an email
Amy Scott’s privacy policy https://www.nomadtopia.com/privacy-policy/
Hilarious copy here: https://writershq.co.uk/privacy-policy/
google analytics
mailerlite
hotjar
hostgator
mailchimp
leadpages
sarah
jo harrison
zenler
suzanne dibble
elegant Marketplace
lumen5
botsify
aravo marketing
teachable
evercontact
acuity
cloudflare
udemy
Dubsado
Freshdesk
eXo
The Sway
Typeform
Jotform
Hubspot