ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

GDPR: Things to Do NOW to Safeguard Your Small Business

Updated on May 31, 2018
Daniel Simmons profile image
Daniel Simmons
more

Daniel joined the award-winning web development and digital marketing firm, eVision Media, and has been instrumental in its growth.

Contact Author

Has the GDPR got your head spinning?

Before you roll your eyes at yet another message about GDPR, in this video I share the fundamentals of what ALL business owners must have in place with their online presence, regardless of where you do business.

Firstly, this is not official legal advice being given. It is my intention to help clarify what you need to do to protect your business not just from the GDPR but from CanSpam and other international laws that are in place to protect the data you are collecting of other people. If you are unsure on what to do, consult with a lawyer who is proficient in GDPR laws.

Are You Affected by The GDPR?

Yes. If you have any kind of form submission or tracking codes on your website that has the possibility of someone from the EU visiting or entering their name and email address, then you must be GDPR compliant.

This means if you have any of the following present:

  • Newsletter signup
  • Free giveaway or download
  • Webinar/teleseminar offerings
  • Contact form
  • Digital program for sale or download
  • Potential clients who live in the EU
  • A physical product that gets shipped

You are also affected if you have any tracking codes on your website. Either Google, Facebook or affiliate links where data is being compiled about who is visiting your site and what links they are clicking on.

This is especially relevant if you or your marketing company uses re-targeting as part of a marketing campaign.

What does this mean to you?

The people living in the EU must have a clear understanding of what you are doing with their data. How that data is being used, how it's being stored and they must also have an easy option to tell you to stop storing/using it.

What you need to do

First of all, don't panic.

The GDPR is mostly concerned about the big corporations that collect and use data for their operations. Think Google, Facebook and the like.

But that doesn't mean you can't be help liable if someone filed a complaint about you. Therefore, you should do the following to protect yourself:

  1. Ensure everyone in your current newsletter mailing list gave explicit permission to be there.This means:
    • They added their name/email address to the form knowing exactly what they were getting and you are not delivering anything different than promised.
    • They were not manually entered by you via import from as an example, LinkedIn contacts, a purchased list, a webinar they attended that you didn't host and you were given their names, or even after meeting someone at a networking event.
  2. Ensure it is clear WHY they are in your list. If you are giving a free giveaway, you must also be clear they will also receive regular newsletters, promotions etc. from you
  3. Have a GDPR compliant privacy policy on your website. Even if you only have a contact page form, this is absolutely necessary.
  4. On any form on your website, whether it's your newsletter list or a contact form, have a link to your privacy policy page stating the submitter agrees to the privacy policy terms upon submission.

    Some say you need to make a check box but it will suffice to add consent-centric text under the submit button with a link back to your privacy page.
  5. If you have affiliate links or any other kind of tracking codes being used for marketing purposes, it's a good idea to have a pop-up telling your visitors your site uses cookies and they can click to view your privacy policy and/or click to continue to explore your site

About Sending Privacy Policy Changes Email Notices

You may have noticed an onslaught of companies sending an email advising you of their privacy policy changes and are wondering if you should do the same.

If you are a small business or solo entrepreneurship, then the odds are that you don't.

These are only big data-collecting companies that should do this and are doing so to cover themselves legally.

About Sending Re-Opt In Email Notices

You may have also noticed some people are sending out emails asking you to re-opt into their list.

You do need to do this if there are people in your list that did not give explicit consent to be in that list and could be located in the EU.

Ideally, you would want to work with your list service provider and be able to segment out these people with an EU IP address and send that double opt-in notice only to those. But if it's unclear on their origin, they also need to be included.

© 2018 Daniel Simmons

working

This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

 Necessary
 Features
 Marketing
 Statistics

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://corp.maven.io/privacy-policy

Show Details
Necessary
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
Features
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Marketing
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Statistics
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)