Data privacy and protection regulation has been a trending topic in the digital world for quite some time. Making the biggest wave in the topic pool has been the recent passing of the GDPR from the EU. And while many non-EU publishers don’t believe this affects them, that notion is far from true. Whether you belong to the EU or not, any publisher serving EU traffic must follow these regulations.
Publishers in direct violation not only face fines but also risk ruining the revenue streams they’ve managed to create with their websites. Luckily for you, the steps to ensure your website is GDPR compliant are very straightforward. We’ll dive right into the different aspects of your site you should assess and rework.
While this post was created to provide general information, it should not be relied upon as legal advice.
What is GDPR?
The General Data Protection Regulation (GDPR) is a data privacy and protection law put in place by the EU to strengthen the rights of EU citizens when it comes to the collection and use of their personal data. Some of the biggest takeaways are EU citizens’ right to access data, their right to request to be forgotten, and the requirement of consent for organizations to collect, store, or use data.
How This Impacts Publishers
With so much of GDPR focusing on transparency and obtaining consent, many elements within a website will face impact. If you exchange sensitive data through your website—credit card numbers, addresses, social security numbers, etc.—use third-party plug-ins and widgets or deal with newsletters, you’ve got to reevaluate your website. Consequently, publishers will see a ripple effect play into all the aspects of digital marketing they choose to integrate into their website. GDPR will directly affect how you integrate everything from email marketing to plugins.
Obtain consent for cookie usage
Review your opt-in options
Similarly, opt-ins cannot be bundled, meaning you can’t have “agree to the terms and conditions” and “agree to be contacted by” as one option. They are two different requests of the user, and you should be treating them as such. Luckily for you, this is a straightforward fix!
Square away your mailing list
If you’ve ever purchased mailing lists or signed up subscribers without consent–you guessed it, probable violation! Therefore, it’s recommended that you clean up your mailing list and include proper unsubscribe/opt-out links to anything you send out.
Double opt-in is standard practice, and though not required under GDPR, it could help keep your lists in check. It works by sending a follow-up confirmation link that users must click on to be subscribed (following them supplying their email, of course).
The days of a simple ‘and other third-party organizations’ category are gone. When collecting data, it’s no longer enough to sum up any sponsored or affiliate companies into the grouping of third parties. To ensure your website is GDPR compliant, web forms must identify each party a user is consenting to. Along with identifying them, users must be given the option to withdraw from being contacted by other third-party organizations.
Clean up your plugins
Give yourself less to do
More data will mean more worries. Empty your plate by collecting and storing as little as possible. One of the biggest things many bloggers do is collect information via forms. While you may find it nice to have, it just creates more details for you to concern yourself with. You should be limiting the data you collect from your users. Sure, ask them for their email, but do you really need their phone number or address? Tidy up any forms you have, and take advantage of any plugins offering a “do not store data” option.
Have a plan
Individuals not only have a right to request access to the information you’re storing on them, but they also have the right to be forgotten. To export data when needed, consider using a CSV, or a plugin if you’re using a CMS.
Likewise, you’ll want to have a plan for deleting data when users request it. Offering users the ability to delete their accounts is an easy way to take care of the issue. Otherwise, just be sure to delete whatever a user requests of you–few exceptions aside.
Deploy header bidding
We know you have a lot on your plate; you’re crafting a website, building a brand, and trying to balance quality with monetization. But if you don’t ensure your website is GDPR compliant, your revenue streams are quickly put at risk. For example, failing to adhere to privacy laws can make advertisers hesitant to bid for your units (goodbye money!).
Here at Newor Media, a premium header bidding provider, we offer a fully up-to-date Consent Management Platform to make your site compliant with privacy laws and regulations. Everything is packaged in with your units and header script, and there’s absolutely no work that has to be done on your end to make sure you’re good to go! We’ll worry about the back-end of things, so you don’t have to. It’s an easy solution to keep your site credible and revenue-generating!
Despite GDPR being a regional regulation, its impact and enforcement are global. In short, you should be taking the necessary steps to ensure your website is GDPR compliant. There are plenty of resources and platforms ready to assist you. Contact one of our dedicated account reps today to get started with Newor Media.