What can you do to comply?
At the very minimum:
- Set up a double opt-in for newsletters or forms
- Install a cookies approval pop-up plugin
- Include a note on any forms detailing how you store and use people’s data
- Talk to your lawyer to ensure you’re meeting your legal obligations
If your customers are in Europe, it’s imperative you engage a lawyer to ensure that your website and data processing are fully compliant. Even if your customers are predominantly in NZ, it’s still worth taking measures to protect your customers’ privacy. There are also considerations for enewsletters that MailChimp explains quite extensively (3).
The recommendations below are not a substitute for legal advice and are just some starting points to get your website on track for data protection. It’s not a one-off fix but will be an ongoing process.
WordPress sites: install a plugin to support GDPR compliance.
WP GDPR Compliance: This plugin has a note in the checkbox text stating that, by using this form, you agree with the storage and handling of your data by this website. This provides proof that a customer gave you their approval for you to collect their details.
WP GDPR core: This plugin creates a page where users can request access to their own personal data that’s stored on your website. In the backend, you’ll get an overview of the requests users send and you can see which plugins collect personal data. Users who ask to view their personal data will get an email with a unique URL at which they can view, update and download their own comments and ask for a removal per comment. You also need an ‘ask for approval’ checkbox.
EU Cookie law: Informs users that your site has cookies, with a popup for more information and an option to lock scripts before acceptance.
Cookie notice: Allows you to customize the cookie message and redirect users to a specified page for more cookie information, as well as set the cookie expiry.
Note: Activating these plugins does not guarantee you fully comply with GDPR. Please contact a GDPR consultant or law firm to assess the necessary measures.
Cookie notification wording could include: “We use Analytics on this site which tracks visits anonymously using cookies. Please close this box to confirm that’s ok with you, or read more in this privacy statement.”
Alexanders is actively working on WordPress & Joomla sites to install plugins and privacy/cookie terms pages. Talk to us about implementing a solution. Alexanders has engaged a lawyer who has prepared templates for our clients – if you are interested, talk to us about getting a copy – for a small contribution to our legal fees.