GDPR and My Privacy Policy

I’m sure those of you who work for global companies are aware of the new European Union regulation – General Data Protection Regulation or GDPR – which became enforceable on May 25 (last Friday).  It regulates how any organization that is subject to the Regulation treats or uses the personal data of people located in the EU. Personal data is any piece of data that, used alone or with other data, could identify a person. If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll need to comply with the GDPR.

How does GDPR apply to me

I’ve been seeing articles and other posts related to this new regulation for a while, especially as the May 25 date was approaching.  But I never gave it much thought because who cares about my itty bitty blog?  This is a hobby, not a business.  Why does it matter to me?

In many ways, it doesn’t apply to me.  For example, I’m not collecting that much personal information.  And I don’t expect my audience to include many outside of the United States.  But it appears I have a few readers in other countries so who knows how broad my audience could become.  To be safe, I’ve chosen to include a privacy policy for my blog site.  Hey, it never hurts to go above and beyond, right?  And I follow the rules.  🙂

Some things I’ve read seem to indicate this could become a bigger thing in the US as GDPR differs from the current US privacy model.  See this article by PwC that explains the differences when it comes to data breaches.  So, it’s never a bad thing to be ahead of the game.

What I’ve done related to GDPR

Initially, I was a bit overwhelmed by it.  I didn’t want to overlook something critical to my blog site but I didn’t know how or if it even applied to me.  Fortunately, my site manager and many of the plugins I use have provided me with enough information that I could quickly and easily create a privacy policy relevant to my site.

Since I’m not collecting all that much, it’s actually pretty simple.  But that’s all it took to make me compliant.  And if things should change and I begin collecting more personal data, I have the foundation in place and all I have to do is update it appropriately.

You’ll see a few things because of the changes I’ve made.

  • I have a new page called Privacy Policy.  (It’s now on my top menu.) If you haven’t read it yet, you should take a look.
  • Anyone who subscribes to receive emails from me will be asked to provide consent, confirming they’ve read my privacy policy and agree to it.  (Consent is a big part of the GDPR.)  There’s a link there that takes them to the policy.
  • Anyone coming to my site, now that my policy is in place, will be asked to view it and agree to it.  I’m pretty sure once you agree, you won’t see that blurb at the bottom anymore.  But you will see it again if I change anything in my policy.  (I apologize for the missing word in that blurb.  I installed something that creates it but I don’t see where I can edit the wording.  🤨 )

You might notice other (unexpected) changes as well, as a lot of the developers have been making updates.  For instance, the look of my poll changed and I’m not sure how to change it back!!  I promise future polls will not have the question in white letters!

Does GDPR apply to you?

If you aren’t sure, read up on it.  There are tons of articles out there about this.  And most companies or individuals supporting blog technology are very aware and continue to update their code and provide key information you will need to create your own personalized privacy policy.  I even learned a little HTML in the process!!  🤓

If it doesn’t apply to you, be glad.  I thought I was done with this stuff when I retired!!