You Down with GDPR?

It’s 4 Little Words, What Do They Mean?

You’ve probably been hearing about GDPR, which goes into effect tomorrow, May 25. What is it, you ask?

GDPR is a new regulation that states that, if a website collects, stores, or uses any data related to an EU citizen, it must comply with the following:

  1. Tell the user: who you are, why you collect the data, for how long and who receives it.
  2. Get clear consent before collecting any data.
  3. Let users access their data, and take it with them.
  4. Let users delete their data.
  5. Let users know if data breaches occur.

Luckily, both WordPress and WooCommerce have recently released updates that assist with complying with GDPR (such as ease of sending and deleting user data as well as reporting breaches).

There are a few things you can do to comply as well.

  1. Make sure you are running the newest versions of WordPress and WooCommerce since they have been updated to comply with requests to access and delete user information as well as report breaches. (If you are a Needmore client on our Maintenance Plan, we are updating your website to these latest releases.)
  2. Write out a Privacy Policy on your site. Check out this handy article on writing your Privacy Policy, including how WordPress helps you generate one. (You will also note that our own website has a new Privacy Policy in place.)
  3. Remove any automatic opt-ins (for example, a mailing list sign-up that has to be unchecked for it not to sign someone up).
  4. Make sure you are only collecting the information you need to run your business.
  5. Get clear consent on contact forms. This can be as easy as adding a required checkbox that says “I consent to my submitted data being collected and stored.”

Do note that this is not intended to act as legal advice, but rather as a heads-up about the new policies in place.

Kandace Brigleb

Producer, co-founder of Needmore. Currently residing on the left coast.