Fortunately, putting together this type of policy is now easier than it’s ever been, thanks to a handy new WordPress feature.
The General Data Protection Regulation (GDPR) went into effect not long ago and made some changes that affect just about every website owner. If any of your site’s visitors are from the EU, you’ll need to be sure you comply with the GDPR’s rules.
We’ve described how the GDPR works at length elsewhere, so we won’t repeat ourselves here. Suffice it to say that this regulation introduces new rules regarding privacy and transparency online.
All your website’s visitors now have the right to know what data you’re collecting about them and how it use, and even to have their information deleted.
While it may take a little effort on your part to get your policy just right, the basic steps involved aren’t difficult.
- What kind of data your site collects from visitors (names, email addresses, payment details, etc).
- What features or elements of your site gather data (such as contact and opt-in forms, social media buttons, and comments sections).
- Why you collect this data and what the data is used for in a general sense.
- How the data is stored (and for how long it stored).
- Who the data is shared with, such as external parties like cloud storage services and payment processors.
- How you protect the data, including what procedures are in place to keep it safe and to respond quickly in the event of a breach.
- What rights visitors have over their data. This should including the right to know all of the above, to ask for a copy of their data, and request to delete it at any time.
This may seem like a lot, but it’s best to be comprehensive. While it’s true that most people aren’t likely to read through the whole thing, you’ll want to be able to prove (if needed) that you’ve made all this information available and easily accessible.
You can easily do this in few steps:
In the recent version of WordPress, you need to go to the Setting>> Privacy, where you see that page something like this: