The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data and change the data privacy approach of organizations across the world.
Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if it has no business presence within the EU. The specific criteria for companies required to comply are:
A presence in an EU country.
No presence in the EU, but the company processes personal data of European residents.
Legal Disclaimer / Disclosure
We are not lawyers. Nothing on this website should be considered legal advice. When in doubt, it's best to consult an attorney to determine whether you are in compliance with all applicable laws for your jurisdiction.
The "Cliff Notes"
GDPR makes sure that businesses can't go around spamming people by sending emails or newsletters that they didn't ask for. We can't sell people's data without their explicit consent. We have to delete a user's account and unsubscribe them from our email lists if the user asks. We also now have to report data breaches.
The Essentials
Explicit Consent
Cookies
When people visit your website, your website is collecting some basic information on those visitors. The type of information may vary: it might be Google Analytics recording where the visitors are coming from and following them as they click through your website, or it may simply be remembering which pages they visited last time.
For instance: when you visit some sites, the server gives you a cookie that acts as your identification card. On each return visit to that site, your browser passes that cookie back to the server. In this way, a web server can gather information about which web pages are used the most and which pages are gathering the most repeat hits. Servers can also use cookies to provide personalized web pages: when you select preferences at a site that offers this option, the server places the information in a cookie, and when you return, the server uses the information in the cookie to build a customized page for you. In the past this was done without asking you; now you have to agree to it.
Newsletters / Email Blasts
If you're collecting personal data from an EU resident, then you must obtain explicit consent that is specific and unambiguous. In other words, you can't just send unsolicited emails to people who gave you their business card or filled out your website contact form, because they DID NOT opt in to your marketing newsletter.
For consent to be considered explicit, you must require a positive opt-in (i.e. no pre-ticked checkbox) and use clear wording (no legalese). You will now see an "opt-in" option on many forms.
Rights to Data
You must inform individuals where, why, and how their data is processed and stored. An individual has the right to download their personal data, and an individual also has the right to be forgotten, meaning they can ask that their data be deleted.
When you hit Unsubscribe or ask a company to delete your profile, it now has to actually happen.
Also required is a link to where the user can read the company's privacy policy.
Breach Notification
Organizations must report certain types of data breaches to the relevant authorities within 72 hours, unless the breach is considered harmless and poses no risk to individuals' data. If a breach is high-risk, then the company MUST also inform the affected individuals right away.
Plug-ins
All plug-ins that collect data or use cookies are also covered by the GDPR compliance regulations. Note that if a plug-in collects data and the individual asks for their data to be removed, the plug-in vendor must be informed as well.
Data Protection Officers
If you are a public company or process large amounts of personal information, then you must appoint a data protection officer. This is not required for small businesses. Consult an attorney if you're in doubt.