GDPR Privacy Policy – If you were our client we’ve already created one for you

The General Data Protection Regulation (GDPR) is a regulation in EU law that went into affect on 25 MAY 2018.  If EU Citizens visit your website then you must provide a GDPR-compliant Privacy Policy.

Fortunately, WordPress version 4.9.6 introduced a feature that make this a lot easier by providing a tools that can create a boilerplate page containing most of the content you will need (Settings->Privacy).  In addition to the boilerplate content, you’ll need to do a quick audit of your website’s plugins that collect user data and add appropriate language to the privacy policy covering those plugins.  For example, almost everyone uses Google Analytics. If you you’ll want to include a paragraph similar to:

Google Analytics helps us measure how users interact with website content. As a user navigates between web pages, the Google Analytics JavaScript records information about the page a user has seen, for example the URL of the page. The Google Analytics JavaScript libraries use HTTP Cookies to “remember” what a user has done on previous pages / interactions with the website.

Do you have a ‘Contact Us’ form? Do you have a shopping cart? Do you allow users to opt-in to receive information? Do you have a membership or paid content area? Do you give webinars? etc. For each one of these that you answer ‘yes’ you’ll need to include a paragraph in your privacy policy. In many cases you can simply provide a link to the vendor’s privacy policy page on their website.

If you are a WebsiteOverwatch client then relax.  We’ve already done the work and published a Privacy Policy page on your website for you.