The new General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, and my inbox is flooded with emails from Google, ConvertKit, Etsy, Typeform, and all the other services I use for my business, telling me how they are changing their policies in order to comply. It got me thinking about my own website and whether or not I need to update my policies.
Have you been wondering the same thing? Or are you just deleting those emails thinking this is something for businesses much larger than yours? Or perhaps you have no idea what the GDPR is . . . in either case, you should to keep reading. I’m going to tell you how to make sure your website complies with the new regulations and stays compliant, for life!
But first, let me tell you a little story about how my business website may have been breaking the law . . . or maybe not. We’ll never know.
We started off by creating the contracts because those were my first priority, then she filed the trademark applications, and then . . . nothing. Crickets. I emailed her about once a week for almost a month and even left two voicemails, all with no reply. I had questions about the contracts she created. I wanted to change a few things, but felt like I needed to talk it through with her so she understood exactly what I was looking for. And nothing.
So I turned to Google. It’s amazing what you can find out on Google.
I discovered some court documents that said my lawyer’s license had been temporarily suspended. She was unable to practice law (or communicate with her clients) for a certain period of time. That time frame matched up perfectly with the sound of silence after I sent my emails. Then I found another document that said she had been disbarred! When I compared the document dates, I saw that there was a very small window of time (a few days or so) between her suspension and disbarment.
She had actually rushed to get my project done within that small window of time when her license was active. Oddly, I felt grateful instead of upset. You see, some of the court documents explained the reasons why she ultimately lost her license, and they were personal in nature. My heart went out to her and I chose to cut my losses rather than kick a girl when she’s down. You know what they say about karma.
The contracts she created ended up being sufficient, but I didn’t trust the document with my website terms and policies. It looked pieced together and I wasn’t confident that it was complete with everything I needed. But I didn’t want to spend another dime on attorney fees, so I just slapped those terms and policies up on my site and turned a blind eye. I mean, a lawyer did create them, so how bad could they be? #donttrythisathome
And no, I never got those trademarks.
To be honest, I had completely forgotten about this whole lawyer debacle until I started getting emails (from pretty much every service I am part of) regarding the new GDPR compliance policy. I’ve gotta say, it made me a little nervous. I was already skeptical about whether or not my site was compliant now, it definitely wouldn’t be after these changes went into effect, right? So I decided to put on my CEO hat once again and get this thing right once and for all.
And . . . I turned to Google. Here’s what I learned:
GDPR is the new General Data Protection Regulation that is all about protecting the residents of the European Union (EU) against online data breaches. How does this affect small businesses like ours in the US? Well, if you have a website that collects personal data from users in the EU, you need to comply with the new regulation.
By collecting personal data, I mean that your website has features that include:
Collecting names and email addresses for blog comments, email list opt-ins, and/or content upgrades
Collecting cookies or IP addresses from visitors for analytics
Collecting payments in the currency of any country in the EU
ENSURING YOUR WEBSITE IS GDPR COMPLIANT
Enter The Contract Shop.
The Contract Shop was created by Christina Scalera, a lawyer and creative entrepreneur in her own right, who set out to simplify the world of contracts for small business owners just like us. I first learned about her through the Creative Empire Podcast, which she co-hosts with Reina Pomeroy. You can read more of her story here.
Christina has been researching GDPR since August, 2017—this woman knows her stuff! The Contract Shop sells contracts to clients in the UK, so she started researching the new guidelines purely for her own shop’s interests before even thinking about offering educational services on the topic.
Each template is attorney-prepared and peer-reviewed by graduates of top 20 law schools, so you can be sure it is a good investment. And by investment, I don’t mean the thousands of dollars I previously spent on custom files from the lawyer-who-will-not-be-named, I mean only $255! Plus, the best part is that all templates are reviewed and updated twice a year and you will have full access to those updates for free, for life! I’m obviously a huge fan.