Disclaimer: I am not a lawyer or legal professional of any kind, this post does not provide legal advice. If you’re after full legal guidance on GDPR I’m afraid you will need to consult a professional. This is my interpretation of all the information I’ve read on GDPR and numerous discussions with other professionals. I am neither an expert nor a lawyer, and as such cannot be held liable for any advice taken from this article.

Well, that’s the first time I’ve started a post with a legal disclaimer, but I guess it’s just that kind of week…

If you’re anything like me at the time of writing this post you are sick to death of hearing ‘GDPR’ and even more pissed off by the seemingly endless number of emails landing in your inbox, demanding you resubscribe to lists you don’t remember signing up to in the first place.

Once this post goes live I’ll be sending a slightly different version of that email (I’ll get to that in a minute) in an attempt to minimise the annoyance you all feel at my need to comply with the new regulations.

Super Simple GDPR For Bloggers

For those of you who are as sick of it as I am, but you need to actually get yourself ready for it, go and do these five things:

  1. Create a new privacy policy for your website (I used a handy free template that you can download here). Add your details and if you’re unsure take a look at the guidance that comes with it. Once you’re happy, upload it to a new page on your website.
  2. If you haven’t already install a simple Cookie Policy plugin and activate it, so that anyone visiting your site is informed that you use cookies and asked to agree to their use. Even if you think you don’t use cookies, you almost certainly will in some way – plugins, third parties, email management systems, software, etc. all use cookies. It’s far better to err on the side of ‘you definitely use them somewhere’. It will take you two minutes, I used UK Cookie Consent and it works perfectly. Simply plugin, activate and if needed, change the style setting to reposition it on your site (it defaults to a top bar, which clashed with my existing top bar and meant you couldn’t actually see it, so I moved it to a bottom left box. If you have a top bar you may have to do the same).
  3. Check that your email list uses a double optin on every single optin form you have. You will probably find that you’re already doing it, as most email marketing providers default to using them and you have to actually switch them off to change it. Even so, check. Look at the settings on every existing form you have and make sure the double optin is set, meaning anyone signing up will receive an email asking them to confirm their subscription before anything is sent to them. If they don’t confirm, they won’t be subscribed.
  4. From now on you will never add anyone to your list manually or by any means other than them subscribing and subsequently confirming their subscription. It’s quite possible some of the people on your list didn’t confirm their subscription and may even have been added manually. To cover your bases, send out an email to your list including mention of your new privacy policy (with a link to the page you just created), and a reminder that they are free to unsubscribe at any time using the link at the bottom of every email. Provide a nice clear link and tell them to hit it if they don’t want to receive emails from you anymore. If you want to be even safer, send out an email asking everyone to resubscribe and only keep the people who do on your list.
  5. Use the ICO self-assessment to check if you need to register and, if you do, register!

This is a very simple, easy approach to GDPR for bloggers because, to be honest, it’s not a huge step up from what most entrepreneurs and bloggers are already doing on their websites. Even so, you may well want to read a more detailed explanation and account of GDPR and what it means. If you do, I recommend taking a look at Angie Taffs’ membership site, which includes a complete GDPR crash course.