What is GDPR?
GDPR is the new regulation enacted by the EU. It governs personal data and the way you store it. Because the law was enacted by the EU, you may be under the impression that if you are located outside Europe, you are not covered by this legislation.
That is a mistaken assumption. Why? Let us explain. Even if you are located outside the EU, your site is accessible to people in Europe. If that is the case, you are covered by the regulation. The legislation was approved by the European Union in April 2016 and will come into effect in May 2018. The regulation is aimed at protecting the citizens of the EU from the misuse of their personal data. In effect, it should improve data privacy for internet users across the world.
The GDPR is considered to be quite stringent and restrictive in nature when compared to the laws that currently exist to curb misuse of data.
What is contained in the GDPR?
GDPR for WordPress comes with stringent guidelines as far as data usage is concerned. It treats the secrecy and privacy of users as the most important aspect of how websites use their data.
What Does GDPR Aim to Achieve?
This should be clear enough by now for most of you. GDPR is a regulation that aims to safeguard the privacy of internet users. It affects all websites around the world.
The major advantages it plans to bring are:
- A Pan World Approach: The regulation is not limited to any particular territory. Though it has been enacted by the EU, it also covers businesses and websites outside Europe. That, in effect, brings the whole world into its ambit.
- Need for Consent: The GDPR removes the monopolistic approach used by websites. Users are expected to provide their explicit consent if they want their data to be collected. This includes data collected through background processes as well, which gives the requirement a broader reach.
- A User-Centric Approach: The user has full rights over the personal data being collected. You, as the user, are entitled to know what data is collected, how and where it is stored, and what purposes it is used for. You also have the right to withdraw consent.
How Does It Affect You?
You do have visitors in the EU, and as such, it affects you as a website owner. The regulation comes into effect in May 2018, and you may have until then to comply with it. Non-compliance attracts severe penalties levied on websites.
The penalties can be as high as 20 Million Euros for non-compliance. If you are an undertaking, the penalty would be 4 percent of the total world turnover or 20 Million Euros, whichever is higher. That makes it quite hefty if you are a small business.
If you are a website owner, here are a few guidelines you can go through. There are a few areas you may need to pay attention to.
Data Collection through Forms
GDPR expects you to be extra cautious and to put safeguards in place. Transparency is the key here. Be clear about why you are collecting the data and how it will be used. Include an unambiguous opt-in form so that you get explicit consent. Never share any content without the consent of the data owners. The best option is to use GDPR-compliant forms plugins and email list providers.
You are analyzing website data for SEO purposes. That area may not be affected much if you are not analyzing data in a directly traceable manner. Most tools do not perform individual tracking. However, go through a checklist and ensure that your analytics software does not track individuals. Never track IP addresses.
Before We Conclude
Data regulation can indeed be a huge concern for most website developers. Maybe you need not worry if you are not collecting data on an individual basis. Whether you are a developer who builds websites that gather data or a website owner who writes code that collects data, the legislation applies to you.
Following the checklist above is your best bet for making a start. Please note that the guidelines offered here are not legal advice. We are not a legal firm and as such may not be able to provide legal suggestions. Our aim has been to introduce you to the concept of GDPR and its impact. For further details, and if you collect data for any purpose, you may need to contact your lawyer.