Online business owners all over the world are scrambling to comply with the European GDPR law.
In case you haven’t heard about it, here’s a quick overview:
GDPR stands for General Data Protection Regulation, and it was enacted to protect the privacy of EU citizens. It’s also enforceable anywhere in the world, so your WordPress site likely needs to comply.
I wrote about GDPR for freelancers, and why it’s good business to incorporate GDPR requirements into your business. Since then, there is news that in California, a ballot proposition which mirrors many aspects of GDPR, is heralding similar privacy requirements in the U.S.
Essentially, GDPR aims to create more transparency between website owners and visitors about what data is being collected, and what’s done with it. It also gives the users more control over their own data.
Properly implemented, it can enhance the know-like-trust factor that makes it easy for people to do business with you.
To understand what GDPR requires of you, first familiarize yourself with some new vocabulary.
- Data subject is the individual whose information you collect and store.
- Personally identifiable information is anything that can identify the site visitor — a name, address, picture, bank account information, or even an IP address.
- Data controller is the individual or business that determines how an individual’s data is processed.
- Data processor is the individual or business that processes data on behalf of the data controller.
If you own the website, you’re the data controller, and you may also be the data processor in some situations but not others. For example, if you use an email service provider (like MailChimp), your list is stored with them and they send out the emails. In that example, they are the data processor.
This article is reserved content for Wealthy Web Writer platinum members. To continue reading this article please log in or become a member today.