
How the GDPR affects you (and yes, it definitely affects you)

Executive Summary

Standard disclaimer: We are not lawyers, even though sometimes it sounds like it from the arguments around the dinner table. We are providing this information to the best of our knowledge, but it does not constitute legal advice. We also do not possess “the Force,” no matter how much Dan insists he moved the salt shaker.

The General Data Protection Regulation, or GDPR, is an updated law from the European Union governing data control, and it affects the internet in a big way. We’re going to try to keep this as short as possible (and it’s still pretty freaking long), so we’re going to skip the legislative history. However, because there’s no legal precedent to tell us exactly what’s changing, it’s best to look at it from base principles. We urge you to read this introduction, because it really helps to understand why the suggestions may seem so drastic.

Details, Tips, Recommendations & Takeaways

The largest change in the GDPR comes from a philosophical standpoint.

Many of the internet’s largest revenue streams stem from the idea of websites owning all the data they can collect on their users. The view is that when you visit a site, you are essentially telling the site you’re visiting that its owners can do whatever they want with your data.

It’s not even necessarily restricted to the internet — anyone who’s bought a car or gone to the bank in the last 10 years has probably received some page-length legal document about what that organization can do with your information in regard to marketing. And you, as the consumer, typically have the choice of letting them do whatever they want with your data, or not having the service provided to you.

The GDPR flips that idea on its head. Its base propositions include:

  • Users own their own data;
  • Websites (as it relates to us, but it’s really business in general) can only ask for information required to perform the service requested;
  • Websites must get affirmative consent both to store that data and for what will be done with it;
  • Websites/companies are required to let users know what data the companies have stored about them, and to provide that data upon request;
  • Websites/companies are required to erase the data if requested by the user;
  • Websites/companies can only store data for certain lengths of time;
  • Websites/companies are responsible for the data that they have collected (including notifying users and regulatory bodies of breaches VERY QUICKLY).

Funnily enough, most of us probably agree with those things as users, but are terrified of them as business owners/operators.

On the face of it, all of that sounds really hard to do for people who are just interested in blogging or opening a mini-store. And that’s true: In order to comply with these regulations, a lot of self-hosted or self-managed bloggers/business owners are going to have to learn more about what their website/store is actually doing.

However, in the long run this isn’t really a bad thing. Knowing what tools you have, what they’re doing and how they operate should actually increase your skill and enhance your business. We can’t tell you the number of times people have told us they installed plugins or started tracking things (analytics, sales, etc.) without actually having a plan for what they were going to do with that information.

Plus, getting your site more secure and protecting the privacy of your users is pretty important even if it weren’t legally required.

The last thing we want to talk about in general before we dive in deep is who this applies to. It is true that this is a European Union regulation, which in most circumstances would not apply to compa
