The EU General Data Protection Regulation (GDPR)

What is a Privacy Policy, Do I Need One and Why?

A privacy policy is a statement or a legal document (in privacy law) that discloses some or all of the ways a company (website) gathers, uses, discloses, and manages a customer or users’s data.

You need a Privacy Policy if you sell goods or services to citizens in the EU, in order to comply with the EU’s General Data Protection Regulation (aka GDPR). Technically however these Regulations apply to any EU citizen who visits your website.

You should have a privacy policy because being transparent about the collection and use of private data is important.

What is Personal Data?

Most websites, including yours collect some form of personal data.

Personal Data includes: Name, Address, Localization, Online identifier, Health information, Income, Cultural profile and more.

How and Why is this Data Collected?

[accordion clicktoclose=true tag=h4][accordion-item title=”Google Analytics”]This functionality tracks your website users and provides insight into the traffic on your website. Currently your website records location and other data about each visitor and stores this data within your Google Analytics account.[/accordion-item]


[accordion clicktoclose=true tag=h4][accordion-item title=”Contact Form Submissions”]Your website collects and stores information submitted through these forms. This allows you to receive the message. The content then gets stored as a backup measure.[/accordion-item]


[accordion clicktoclose=true tag=h4][accordion-item title=”Online Shopping”]If your website offers online shopping, all the order and customer details are collected and stored on your website. This data can be deleted (from the Orders Page) once the order has been processed. Note: Credit card and payment data is not stored.[/accordion-item]


What Options are available to make your website GDPR compliant?

[accordion clicktoclose=true tag=h4][accordion-item title=”Option 1 > Do nothing…”] You can opt out of making any changes to your website if all of the following apply:
You don’t offer goods or services directly to EU citizens.
You don’t have any Contact Forms on your website or you’d rather have the Contact Forms removed than make changes to comply.
You don’t want to continue to collect personal information for traffic tracking purposes.

This means that User data will continue to be gathered but will be made anonymous for privacy purposes.[/accordion-item][/accordion]

[accordion clicktoclose=true tag=h4][accordion-item title=”Option 2 > Privacy Policy, Notification & Consent…”] Choose this option if you want to continue to collect personal data AND be compliant with the new EU Privacy Regulations.

Your website needs to include the following:
A Privacy Policy will be added to your website. You’ll be given the opportunity to view your Privacy Policy and make changes before it’s launched.
An unobtrusive pop-up window will be added to your website that allows users to view your Privacy Policy. Once users have seen the pop-up once it won’t be shown again.
A Consent Checkbox will be added to all the Contact Forms on your website.

Click here to view the Privacy Policy template that will be used. [/accordion-item][/accordion]

[accordion clicktoclose=true tag=h4][accordion-item title=”Option 3 > DIY Compliance”]Choose this option if you want to continue to collect personal data AND be compliant with the new EU Privacy Regulations.
Please make the following changes to your website:

  1. Login to your website and access the main Dashboard.
  2. Using the main Dashboard Menu on the left, go to SETTINGS > PRIVACY
  3. Under Select a Privacy Policy page, choose CREATE NEW PAGE
  4. You will be directed to the New Page. This new page contains some default information that should be read through and added to.
  5. When you’re done, Publish the page
  6. Make sure your visitors know about your Privacy Policy by adding a link to the Privacy Policy Page on the Home, About or Contact Pages.

Note: To retain the use of any Contact Forms on your website, a consent checkbox must be added. For the “do-it-yourself” method, please contact us.

For thorough instructions on how to edit your WordPress website, please visit the WordPress Instructions section of our website.


How to keep your E-Commerce website GDPR compliant:

[accordion clicktoclose=true tag=h4][accordion-item title=”Be mindful of the Personal Data that is stored…”] Every Order contains personal data and each Order should be deleted from the website once the order has been sent, unless you are advising you customers otherwise.
There is a new option for you to Remove Personal Data. This can be done from the Orders Page.[/accordion-item][/accordion]

Thanks for taking the time to read this information.

I look forward to hearing your thoughts on how you’d like your website to comply with these new regulations.


Please contact us for more information.

Please note: I am not a lawyer and this is not intended to be legal advice. Please consult a lawyer for more information.