How to Make Your Website Legal, for Life!

The new General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, and my inbox is flooded with emails from Google, ConvertKit, Etsy, Typeform, and all the other services I use for my business, telling me how they are changing their policies in order to comply. It got me thinking about my own website and whether or not I need to update my policies.

Have you been wondering the same thing? Or are you just deleting those emails thinking this is something for businesses much larger than yours? Or perhaps you have no idea what the GDPR is . . . in either case, you should to keep reading. I’m going to tell you how to make sure your website complies with the new regulations and stays compliant, for life!

But first, let me tell you a little story about how my business website may have been breaking the law . . . or maybe not. We’ll never know.


Stop worrying about GDPR once and for all. >>> Click to learn how to make sure your website is legally compliant, for life! #copperbtmdesign


When I first started my business, I hired a lawyer who came highly recommended by someone I have long admired in the stationery industry. We hit it off on our first consultation call and I decided to dive in and hire her for the full package of services. I ordered two trademark applications (one for my business name and one for my brand mark), three custom contracts, website terms and conditions, and a website privacy policy. I was feeling very proud of my new CEO status and wanted everything to be legit. It was a high price tag, but worth every penny to me for the hands-on, customized service she was offering.

We started off by creating the contracts because those were my first priority, then she filed the trademark applications, and then . . . nothing. Crickets. I emailed her about once a week for almost a month and even left two voicemails, all with no reply. I had questions about the contracts she created. I wanted to change a few things, but felt like I needed to talk it through with her so she understood exactly what I was looking for. And nothing.

Finally, I received a blitz of emails within one hour containing the contract changes and a very sloppy Word doc with a template of the website terms and privacy policy. I replied to these emails, and to this day, have never received a response.

So I turned to Google. It’s amazing what you can find out on Google.

I discovered some court documents that said my lawyer’s license had been temporarily suspended. She was unable to practice law (or communicate with her clients) for a certain period of time. That time frame matched up perfectly with the sound of silence after I sent my emails. Then I found another document that said she had been disbarred! When I compared the document dates, I saw that there was a very small window of time (a few days or so) between her suspension and disbarment.

She had actually rushed to get my project done within that small window of time when her license was active. Oddly, I felt grateful instead of upset. You see, some of the court documents explained the reasons why she ultimately lost her license, and they were personal in nature. My heart went out to her and I chose to cut my losses rather than kick a girl when she’s down. You know what they say about karma.

The contracts she created ended up being sufficient, but I didn’t trust the document with my website terms and policies. It looked pieced together and I wasn’t confident that it was complete with everything I needed. But I didn’t want to spend another dime on attorney fees, so I just slapped those terms and policies up on my site and turned a blind eye. I mean, a lawyer did create them, so how bad could they be? #donttrythisathome

And no, I never got those trademarks.



To be honest, I had completely forgotten about this whole lawyer debacle until I started getting emails (from pretty much every service I am part of) regarding the new GDPR compliance policy. I’ve gotta say, it made me a little nervous. I was already skeptical about whether or not my site was compliant now, it definitely wouldn’t be after these changes went into effect, right? So I decided to put on my CEO hat once again and get this thing right once and for all.

And . . . I turned to Google. Here’s what I learned:

GDPR is the new General Data Protection Regulation that is all about protecting the residents of the European Union (EU) against online data breaches. How does this affect small businesses like ours in the US? Well, if you have a website that collects personal data from users in the EU, you need to comply with the new regulation.

By collecting personal data, I mean that your website has features that include:

  • Collecting names and email addresses for blog comments, email list opt-ins, and/or content upgrades

  • Collecting cookies or IP addresses from visitors for analytics

  • Collecting payments in the currency of any country in the EU

If your website performs any of these actions (meaning you may get site traffic and/or collect the email address of someone in the EU), the GDPR requires that you make certain disclosures in your website Terms and Conditions and Privacy Policy; such as, what kind of information you collect from site visitors and what you are going to do with that information. It also requires that you conspicuously ask for consent to collect this information.



Now I knew that I definitely needed to update my website terms and privacy policy!

Enter The Contract Shop.

The Contract Shop was created by Christina Scalera, a lawyer and creative entrepreneur in her own right, who set out to simplify the world of contracts for small business owners just like us. I first learned about her through the Creative Empire Podcast, which she co-hosts with Reina Pomeroy. You can read more of her story here.

Christina has been researching GDPR since August, 2017—this woman knows her stuff! The Contract Shop sells contracts to clients in the UK, so she started researching the new guidelines purely for her own shop’s interests before even thinking about offering educational services on the topic.

She says the first step* necessary in making sure your website is GDPR compliant is to update your website Terms and Conditions and Privacy Policy. The team at The Contract Shop has done all the legal legwork for us and created a simple template that we can customize and copy and paste onto our sites. So easy right?! I wish this was around when I was getting started!

Each template is attorney-prepared and peer-reviewed by graduates of top 20 law schools, so you can be sure it is a good investment. And by investment, I don’t mean the thousands of dollars I previously spent on custom files from the lawyer-who-will-not-be-named, I mean only $255! Plus, the best part is that all templates are reviewed and updated twice a year and you will have full access to those updates for free, for life! I’m obviously a huge fan.

*Updating your website terms and privacy policy is only one piece of the GDPR puzzle. You also need to make sure your content upgrades and email list opt-ins are following the new regulations. This podcast from Amy Porterfield clearly explains the steps you need to take. Lastly, you'll need to install a cookie consent bar, or pop-up, on your site that asks users to consent to the cookie policy as stated in your new GDPR complaint Privacy Policy from The Contract Shop. To learn more about your cookie consent choices, click here. 

In full disclosure, I want you to know that I am an affiliate for The Contract Shop, which means that if you make a purchase from one of the links above, I may make a commission. I became an affiliate after purchasing the GDPR compliant Terms and Conditions and Privacy Policy and being thrilled with how easy it is to customize to your own business. Having heard my story, I am sure you understand my excitement for a cost-effective solution to something that is going to provide your business legal protection for life!

Now put on your own CEO hat and go grab the GDPR complaint Terms and Conditions and Privacy Policy today—then set it, forget it, and let The Contract Shop alert you to future legal updates.