
gdpr

Elementary GDPR for WordPress Site Owners

August 7, 2018 by Debbie Campbell

The GDPR (General Data Protection Regulation) went into effect on May 25, 2018. Even if you are not selling or marketing to EU customers directly, this is still very important for website owners. And it is very much a moving target – you’ll see conflicting information, very little in the way of direction, and this is unlikely to change until the new rules are actually tested in court. It’s frustrating, but I’ll try to share the basics of what I’ve learned here.

Note: I am not an attorney and this is not legal advice; it’s recommended that you contact your attorney to review your privacy policy, terms of service, opt-in forms and other aspects of use that involve personal data.

What’s it all about?


It’s about privacy, an overriding concern these days. It’s all about personal data – we have to all be good stewards of our customers’ personal information.

Some sites don’t store personal data, but if they do, they have to comply with requests from EU users to remove that data and to share information about why the data is collected, how it’s used, and how it’s stored.

I’m not in Europe – does this matter to me?

If you’re not selling anything, or focusing on EU users in your marketing, does it still affect you? Most likely. If you have a comment or contact form on your site that asks for name and email address, that’s personal data. If someone from the EU fills out your form, then GDPR applies. From Red Kite’s point of view, compliance is a good target for all website owners.

You may be collecting personal data through:

  • User registrations
  • Payments
  • Comments
  • Contact form requests
  • Chats
  • Plugins
  • Analytics and traffic logs
  • Security tools and plugins

There are serious penalties involved here too – fines can go up to 20 million Euros or 4% of total company annual earnings.

GDPR for WordPress Site Owners – How WordPress is Helping You

You’ll probably be relieved to hear that WordPress is taking this seriously, and as of release 4.9.6 has put some new tools in place right in the admin dashboard to assist you with compliance. These are:

  • Under Tools, new features to make it easy for you to export or erase the data for a user by their username or email address.
  • Under Settings, a new Privacy feature that lets you specify an existing privacy page or have WordPress create a default one (which you must edit) for you.

For more information, check out this helpful post by BlogAid on using the new WordPress GDPR tools.

Keep in mind…

Some key aspects about GDPR to consider (remember: I am not an attorney!).

  • Breach notifications – if you have a security issue with your site, notify users whose personal data you store within 72 hours. This means you need to be monitoring security with a plugin and/or a service like Sucuri. Security is going to become even more important!
  • Data collection, processing and storage – a terms of service or privacy page should detail what data is collected, how it’s used, why it’s stored, and how it will be stored. You’ll also need to provide a copy of the data stored if a user requests it, and remove the data if requested (which will mean removing an account in most cases).
  • How plugins on your site store data collected from users – this is a big issue, and a lot of plugin developers are working to make it easy to access/remove user data.

What should you do to make your WordPress site compliant?

Chat with your attorney about this, but these are steps to take that are likely common to most small business sites.

  1. Look at all the different ways you’re collecting user data on your site.
  2. Put mechanisms in place so users can control their data (make sure you’re asking for consent for forms, for example).
  3. Avoid collecting user data when it’s not completely necessary.
  4. Make sure your site’s plugins are also compliant. Site owners are ultimately responsible for the data collection and storage of plugins, so review your plugins carefully.
  5. Make sure all newsletters, downloads, etc. are asking for consent/are opt-in instead of opt-out. Already-checked consent boxes are a breach of GDPR.
  6. Consider a Cyber Liability insurance policy that protects against data breaches and other losses of personal data.

There is an excellent checklist in this post on these other considerations for compliance.

Is it likely that your small business site will ever be involved in a GDPR dispute? Hard to say, but it seems much more likely that the targets of such disputes will be very large companies, at least in the beginning.

There will be more to come on this topic… GDPR is still in its early stages and evolving.

Some other references on GDPR:

GDPR: How it Affects WordPress Site Owners and Developers
GDPR Compliance Tools in WordPress
5 Actionable Steps to GDPR Compliance with Google Analytics
The Complete WordPress GDPR Guide
Worried About WordPress and the GDPR? Start Here
Ask Yoast: Preparing for the GDPR


Filed Under: Privacy, Security Tagged With: gdpr, personal data, privacy

Weekly Links Roundup – Lazy Loading, GDPR, CDN Comparison, Trackbacks

June 22, 2018 by Debbie Campbell

This week’s WordPress and web marketing links.

I know it’s been a few weeks, but June is busy – a weekend trip, Comic Con, a new kitten… But today I’m getting caught up.

If you’re worried about long load times for your website (and you should be) one of the optimizations you can try is ‘lazy loading.’ Lazy loading is when you delay loading of below-the-fold content until the user actually scrolls down to where they are on the page. This way, things that aren’t needed immediately, like images and video, don’t slow down the initial page load. Here’s a nice review post about lazy loading that highlights some of the main WordPress lazy loading plugins. Personally I like a3 Lazy Load and just used it in a site this morning…

You probably haven’t been hearing as much about GDPR since it went into effect May 25th – but that doesn’t mean it’s gone away. Here’s a post-launch article about GDPR and why it’s still such a confusing mess.

If you’re thinking about adding a CDN (content delivery network) to your site, for the benefits of serving static content from servers physically closer to your visitors and making your site faster, here’s a comparison of CloudFlare and MaxCDN. CloudFlare has a free option and MaxCDN does not, but they are both good choices. This post will explain why.

Finally… all about WordPress trackbacks and pingbacks – what they are, why you may or may not want them, and what to do about them.

 

Filed Under: Performance, Privacy, WordPress Plugins, WordPress Tutorials Tagged With: cdn, cloudflare, gdpr, lazy loading, maxcdn, pingbacks, trackbacks

Weekly Links Roundup – CDNs, Event Calendar Plugins, Privacy Policies, Photography Blogs

June 1, 2018 by Debbie Campbell

This week’s WordPress and web marketing links.

WP Minder’s VPS hosting plan includes a free CDN – but what exactly is a Content Delivery Network? It’s about distance for sure (having your content delivered by a server near your site visitor’s physical location can decrease loading times) but it can also be about security and bandwidth. Learn more about CDNs from Yoast.

If you’re wanting to add an events calendar to your site, here’s a review of 9 event calendar plugins, including both free and commercial options. I used My Calendar recently on the Colorado Sound site to help them manage an extensive concert calendar – take a look.

So GDPR (the EU’s General Data Protection Regulation) went into effect on May 25 and the world didn’t explode. Not yet, anyway. If you haven’t yet taken the time to craft a privacy policy page for your website, here’s a basic guide to privacy policies (note that this article doesn’t constitute legal advice).

Finally… a subject near and dear to my heart. If you’re a photographer, even an amateur one, you should seriously consider starting a photography blog. Here’s why.

 

Filed Under: Blogging, Performance, Privacy, WordPress Plugins Tagged With: calender plugin, cdn, content delivery network, event calendar plugins, gdpr, photography blog, privacy policy

Weekly Links Roundup – Privacy Settings, GDPR Plugins, Affiliate Programs, Admin Columns

May 18, 2018 by Debbie Campbell

This week’s WordPress and web marketing links.

Have you noticed the new Privacy settings page under Settings? This is a new WordPress feature that’s just come out in advance of the GDPR (General Data Protection Regulation) going into effect in the EU on May 25. The GDPR requires site owners to be transparent about how they collect, use and share personal data, and to provide ways for users to review, correct and remove personal data from websites. Add your privacy page in the settings – and if you don’t have one there are some guidelines for creating them.

There are a number of GDPR plugins for WordPress already. Of the ones I’ve checked out, this is the most useful so far: GDPR Personal Data Reports. This plugin makes it super-easy for your users to request a copy of the data on your site, and to request deletion. It’s all automated and requires confirmation from the user before any actions are taken, plus it logs each request in the dashboard for you for record-keeping.

If you’ve thought about monetizing your WordPress site for more income, here’s a post about setting up either an affiliate or referral program in WordPress. These programs use a special link to your site that you share with your affiliates and referrers; they promote your site on their own websites and when someone clicks through, they get a small commission. Several plugins that can help you set up your own program are reviewed.

Finally… a review of the Admin Columns plugin for WordPress. This is a handy tool that lets you fully customize the columns for your Pages and Posts pages in the dashboard – reorganizing, adding or deleting columns, sorting, filtering and even editing content items in columns! There’s a drag-and-drop interface and over 390 different column types to pick from.

 

Filed Under: Maximizing Your Business Website, Monetizing WordPress, Privacy, WordPress Plugins Tagged With: admin columns, affiliate program, gdpr, monetizing wordpress, privacy, referral program

Weekly Links Roundup – Booking Plugins, GDPR Resources, Image Optimization Plugins

May 4, 2018 by Debbie Campbell

This week’s WordPress and web marketing links.

If you have any kind of services website where you need to manage appointments, consider using one of these 10 WordPress booking plugins. I haven’t used any of these in client sites, though I’ve had several good experiences using BirchPress Scheduler (both the free and commercial versions).

GDPR is coming up on May 25! To mark this event (which has a number of my clients and colleagues very concerned), here are a few of the resources I’ve found as I’ve been updating my own sites to comply.

  • The Complete WordPress GDPR Guide: What Does the New Data Regulation Mean for Your Website, Business and Data? – This is the big one for WordPress site owners so far. Lots of useful info here.
  • GDPR Compliance for WordPress and WooCommerce – This is short and is mostly concerned with a site’s privacy policy. A few other resources are provided.
  • Worried About WordPress and the GDPR? Start here – A good overview of the issues plus a list of resources.

Finally… If you have images on your site, they need to be optimized – otherwise they can slow down page loading (if you have a lot of images, this becomes even more important). Here’s a comparison of 6 WordPress image optimization plugins – my current favorite is ShortPixel.

Filed Under: Performance, WordPress Plugins Tagged With: appointment booking plugin, booking, gdpr, image optimization

Weekly Links Roundup – YouTube Embeds, Big Images, GDPR

March 30, 2018 by Debbie Campbell

This week’s WordPress and web marketing links.

A statistical milestone: WordPress now powers 30% of the top 1,000,000 websites! This is over 60% market share of all content management systems (CMS) too.

Ever struggled with (or been unsure how to go about) getting a YouTube video into your WordPress site? Here’s a nice simple guide to 4 methods for embedding YouTube videos in WordPress. Typically I use an iframe because I want more customization, including making the video look right in mobile phones and tablets, but there are easier methods…

Next let’s talk about images… Big images are often one of the worst culprits with slow-loading sites. Here are 5 tips on how to display images without causing major slowdowns.

Finally… new EU legislation called GDPR (General Data Protection Regulation) is coming into play as of May 25, 2018. If you sell to EU countries and/or market to them with intent, this will affect your WordPress site. But in fact, it’s good practice for anyone with a business site to pay attention to GDPR because its focus is personal data and how it’s collected and stored. More detail on this is coming soon, but this is an excellent introduction to GDPR.

 

Filed Under: Online Marketing, Performance, Privacy, Resources, WordPress Plugins Tagged With: gdpr, images, slow, video, youtube
