On Wednesday, July 11, 2018, at 9:00 AM, the Winter Park Bloggers and Social Media Community met at the Casselberry Library to discuss whether GDPR is changing content marketing.

Before GDPR (General Data Protection Regulation) there were the FTC CAN-SPAM rules. The Federal Trade Commission approved four rule provisions under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM or the Act).

And there was the 1998 COPPA, the Children’s Online Privacy Protection Act, which gives parents control over what information websites can collect from their children.

Some companies have forgotten these Acts and were called in by the Federal Government to account for how they were collecting and using private data.

If you collect information in order to send emails to people, then all of this concerns you. As of May 25th, 2018, GDPR law has been enacted with severe penalties for non-compliance.

I’m not an attorney. However, I have for the last 10 years been setting up email marketing systems using open source software. I encourage customers to know the rules and to have a privacy policy in place. I’m learning to get GDPR compliant and figuring it all out. None of the following is intended as legal advice.

GDPR Overview and Checklist

In preparation for the May 25th enforcement date of the General Data Protection Regulation (GDPR) for companies conducting business in the EU region, WordPress is GDPR-compliant from the version 4.9.6 release. WordPress being GDPR-compliant doesn’t mean that your e-commerce or newsletter site or plugin is also GDPR-compliant: you can still set up WordPress, forms, e-commerce and a newsletter to collect and process customers’ personal data in a way that doesn’t follow the standards outlined in the EU’s new GDPR law.

Shopify is offering a FREE Privacy Policy Generator and so is Rocket Lawyer.
To ensure that you are using WordPress in line with GDPR standards, make sure all of the points below are in good status.

GDPR Compliant T&Cs

Make sure you have updated your terms and conditions to be GDPR Compliant.

Cookie Consent

GDPR requires that your users are informed of your cookie policy and that you are only collecting data that is necessary for the site to function properly. If you are collecting non-essential data, users must first give their consent before you can use non-essential cookies. See guidelines.

Explicit Contract Terms Checkbox

A non-implied contract terms checkbox should be present on all forms and pages where you collect personal data. This includes the sign-up form and the checkout form.

Define Personal Data Fields

Define which of the data you are collecting can be considered personal/identifiable data. This data will then be available to your customers for viewing (Right of Access) and updating (Right to Data Rectification).

Right to Data Portability and Erasure

Allow your customers to download (Right to Data Portability) and delete (Right to Data Erasure) their own personal data.

Explicit Consent Checkboxes

Create consent checkboxes and show them in your checkout form, sign-up form and the customer’s “my account” page. Then configure your marketing (and other data processing campaigns) to process data only when consent has been given, and make sure the customer can withdraw that consent at any time.

Use Tokenized GDPR Links

Use tokenized links so that customers can quickly and securely access their data and manage their consent at any time without logging in to your site. You can easily put these tokenized links in your email templates so that customers can opt out of certain data processing subjects without fully unsubscribing.
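
Because a tokenized link stands in for a login, the token should be unforgeable, expire, and work only for the purpose it was issued for. The sketch below is an added example, not code from WordPress or any plugin mentioned here; the key, the claim names (sub, scope, exp) and the shop.example URL are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumption: in production this key comes from server-side configuration.
SECRET_KEY = b"constructed-demo-key"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload: bytes) -> bytes:
    return hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()

def make_token(subscriber_id, scope, ttl_seconds, now=None):
    """Issue a token bound to one subscriber, one purpose and an expiry."""
    now = int(time.time()) if now is None else now
    claims = {"sub": subscriber_id, "scope": scope, "exp": now + ttl_seconds}
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return b64e(payload) + "." + b64e(sign(payload))

def verify_token(token, required_scope, now=None):
    """Return the subscriber id if the token is authentic, unexpired and
    issued for required_scope; otherwise return None."""
    now = int(time.time()) if now is None else now
    try:
        payload_part, sig_part = token.split(".")
        payload, sig = b64d(payload_part), b64d(sig_part)
    except ValueError:  # wrong shape or bad base64
        return None
    # Constant-time comparison, and always before parsing the payload.
    if not hmac.compare_digest(sig, sign(payload)):
        return None
    claims = json.loads(payload)
    if claims["exp"] < now or claims["scope"] != required_scope:
        return None
    return claims["sub"]

def consent_link(subscriber_id, now=None):
    # Hypothetical URL; a 7-day link limited to consent management.
    token = make_token(subscriber_id, "consent", 7 * 24 * 3600, now)
    return "https://shop.example/privacy/consent?token=" + token
```

A link issued for consent management is rejected by the data-download endpoint because the scope does not match, so a forwarded newsletter email cannot be used to export someone's personal data.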

Clear Analytics Data with Personal Info

The previous version of WordPress and your e-commerce and newsletter plugins may have recorded personal data in your database. Run the cleanup wizard to clear analytics data containing personal information.