Personal SEO ~ Website Marketing and Content Writing: June 2018

My 2 Cents About GDPR - All Those Privacy Polices You've Been Getting

Okay, I know I'm late but I thought I would still put my 2 cents about this GDPR business. There have been a few posts on it, which are informative but now since I've received probably my 50th email about an update to someone's privacy policy, I thought I'd better say something. 

 

What is it?

 

European UnionGDPR stands for General Data Protection Regulation and is really just regulations for handling people's information and data online set forth by the European Union and only applies to European Union Citizens (Approximately 150 million people) World image in green

 

If anyone from those areas inputs data on your website, YOU ARE AFFECTED.

 

It was put into effect on May 25th, 2018.

 

Those people MUST know what's to be done with the data you've collected. 

 

If you're not in compliance you could face fines of up to 4% of your revenue.

 

I want this post to be clear and easy to understand so here's what you should do:

 

#1. Know what data you are collecting from people. (newsletter information, analytics, email, name, phone number, ANYTHING)

 

#2. Understand what happens to that data.

 

#3. Create a compliance plan.

 

You can only protect and control what you know about. Understand all the avenues someone could give you their information and any third parties collecting information as well including CRM systems, Email Drip Campaigns, IDX logins, etc... all data should be mapped out, classified and documented. Seems confusing? It doesn't have to be.  While I AM NOT A LAWYER and CANNOT GIVE LEGAL ADVICE, I can tell you some steps to take and what we did.

 

First off, look at one of those privacy policies you've probably received. Look over it and see how the "big guys" have written it because you know they've probably covered their butts well. Start writing one of your own or find a similar one, reword it in your own words, and make sure it covers these areas:

 

1.Obtain Consent

Your Terms of Service must be clear so that the reader knows they are giving consent and understands what you are doing with their content. BUT this does not mean a simple box to check; users need to accept your privacy policy and any changes, more than a simple checkbox.

 

2. Breach Notification

The user needs to know what you will do if ever their data is compromised. 

 

3. Right to Access

Users have the right to request their own data and to know what you're doing with it.

 

4. Right to be Forgotten

Users can request you delete their information at any time.

 

5. Data Ownership

Users have the right to their own data and can reuse it elsewhere

 

6. Privacy

Lock down your site as much as possible and tell people what you're doing with their data...all of it.

 

7. Prove it

Be ready to have reports on the data and what you have done with it.

 

If you're still stuck you can take a look at our website: https://www.personalseo.com. We've installed a widget on the top bar so that people can know and understand what we do with their data.

 

IF YOUR IDX SOLUTION COLLECTS DATA

 

Call them and ask how they are dealing with the GDPR compliance. If they don't know what you're talking about, talk to a superior. You AND them may be responsible. 

 

You or your webmaster can block users from those countries, BUT if someone from those countries were in the states and used your website, you would still be liable. That's a risky place to be. It's just best to comply.

Make it in plain English - "On this site I use ... (Google Analytics, IDX information, Forms, CRM, Newsletter software, etc..) And link to any additional GDPR compliancy such as analytics, forms, CRM, or newsletters and their websites if possible. Seriously, cover your butts EVERYWHERE.

 

"But I won't or don't sell anything to overseas buyers." - But you may not have any control over whether or not they put in their information for your data collection. This really doesn't solve the problem.

 

"I don't collect any data."  - How are you doing business again? Just kidding... if you never ask for any information and don't have a property search on your site, I would still add it under the privacy policy just be safe. But this means that you don't use any visitor tracking system, no Google Analytics, no contact forms, and no comments on blogs. Better safe than sorry.

 

"How do I know what to say?" - I would find a similar site and see what theirs is and as long as it covers the basis you can reword it into your own words or have a lawyer draw up one.

 

What if you don't comply?  Fines range from $23 million (yes, million) or 4% of your annual revenue, whichever is greater... NOT A GREAT PLACE TO BE. This is the max though and supervisory authorities will have the scope to impose fines at will or issue warnings, reprimands, order compliance with data subject requests and inform the user of any issues. I don't know about you but these really make me want to comply. 

 

GDPR Compliant

World image By S. Solberg J., CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=2142538

 

 

ActiveRain and SEOTammy Emineth is an expert in custom content and original articles for blogs, website, press releases and more. Contact me anytime and feel free to subscribe to this blog to stay up to date on my latest blogs and informative information. Email me or contact me for Real Estate Website Marketing and SEO Content Writing.

 Twitter Me  Blogspot Blog  Connect on Linkedin  Google Plus Find me on Facebook   Find cool stuff with me on Pinterest  Fun stuff on my tumblr page

The information contained in this blog is believed to be true and correct and while every effort is made to assure that the information is as accurate as possible, the author of this blog, and its comments disclaim any implied warranty or representation about it's accuracy for any particular purpose. All information is copy written and the property of Tammy Emineth.  

Comment balloon 15 commentsTammy Emineth • June 12 2018 05:51PM
My 2 Cents About GDPR - All Those Privacy Polices You've Been Getting
share
Okay, I know I'm late but I thought I would still put my 2 cents about this GDPR business. There have been a few posts on it, which are informative but now since I've received probably my 50th email about an update to someone's privacy policy, I… more