WP Minder

privacy

The Latest US Privacy Law News

by Leave a Comment

On April 28th, the Connecticut legislature passed its new Connecticut Data Privacy Act, which is now going before the governor. It’s based on the Colorado Privacy Act which became law in July 2021. Here are some key features of the Connecticut Act:

  • Consumer approval is required for managing sensitive data
  • Controllers have to allow consumers to later withdraw consent
  • Opt-out regulations are very strict
  • Childrens’ data privacy rights match California’s.

If passed, Connecticut will become the fifth state having passed broad consumer data privacy bills. The others are Colorado, California, Virginia and Utah. More on the new Act here.

Eleven other US states currently have privacy bills in progress:

  • Alaska
  • Louisiana
  • Massachusetts
  • Michigan
  • New Jersey
  • New York
  • North Carolina
  • Ohio
  • Pennsylvania
  • Rhode Island
  • Vermont

The importance of having a comprehensive, up-to-date privacy policy on US-based websites is at an all-time high. That’s why WP Minder offers our dynamic privacy policy/cookie policy tool for our Care Plan clients. Contact us for more information.

Links Roundup for August 2021

by 2 Comments

Questions about GDPR. GDPR (the General Data Protection Regulation, their privacy guidelines for the acquisition, usage, storage and deletion of personal data for EU users) can be a confusing beast. I get questions about it from clients mostly concerned about privacy policies. Here is a post from MailerLite about 99 common GDPR questions for email marketers that you may find helpful.

AI-powered copywriting. Does the idea of writing a blog post make you feel _____ (insert your favorite anxious feeling here)? It can be hard coming up with interesting things to write about week after week, there’s no way around it. But have you considered one of the many AI-powered copywriting tools that are now available? There are a good many to choose from; some focus more on short content like headlines and ads, while others work with longer content like blog posts or product descriptions. Here’s a review of some of the top AI-powered writing tools.

Roundup of content generators. Here’s another post on content generators, but this one covers a lot more ground. In addition to AI copywriting tools, it includes others for generating headlines, names, ad copy, audio and video content, blog ideas and more.

Redirects. Removing (or sometimes moving or renaming) old website content can cause big problems for search engines. Redirection is the process of sending search bots and human visitors to the correct new content when they try to go to deleted or moved content. It’s easy to do with WordPress plugins like Redirection and 301 Redirects, but the reasoning behind it may seem confusing. Learn 6 redirection best practices for your WordPress site.

Weekly Links Roundup – Grammar, Anti-spam Plugins, CCPA

by Leave a Comment

Here’s our latest selection of curated WordPress and web marketing links to help your business thrive.

Not the best speller? Think doesn’t matter? Think again…Nothing hurts the credibility of your business like content full of spelling and grammar errors. It forces the reader to work harder to understand you. And put simply, it makes your business look slack. If your content is flawed, what does that say about the rest of your operations? Learn how to improve your content to build credibility. And if you’re not the best at spelling and grammar there are tools for that, like browser-based Grammarly which works in both Gutenberg and classic editors.

Here’s a roundup of some of the best anti-spam plugins for WordPress. I’m been a fan of Antispam Bee for awhile but lately am using the commercial plugin CleanTalk for our WP Minder Care Plan clients and it is fantastic. CleanTalk provides behind-the-scenes protection (no captcha!) and a dashboard that shows how it’s working – one of my client sites that was previously reporting a bad spam problem had almost 1,800 spam attacks blocked just this week.

By now you have likely heard about the CCPA (California Consumer Privacy Act) which dropped on January 1. Like the GDPR, the CCPA is designed to protect private data of users including knowing what person info is collected; what info is being sold; opting out of data collection and data selling. Here’s post about how CCPA may affect your WordPress business.

Did you find this information useful? Please share with your friends and colleagues! And comment below with questions or observations.

Elementary GDPR for WordPress Site Owners

by Leave a Comment

The GDPR (General Data Protection Regulation) went into effect on May 25, 2018. Even if you are not selling or marketing to EU customers directly, this is still very important for website owners. And it is very much a moving target – you’ll see conflicting information, very little in the way of direction, and this is unlikely to change until the new rules are actually tested in court. It’s frustrating, but I’ll try to share the basics of what I’ve learned here.

Note: I am not an attorney and this is not legal advice; it’s recommended that you contact your attorney to review your privacy policy, terms of service, opt-in forms and other aspects of use that involve personal data.

What’s it all about?

User privacy concerns
Photo by Hannah Wei on Unsplash

It’s about privacy, an overriding concern these days. It’s all about personal data – we have to all be good stewards of our customers’ personal information.

Some sites don’t store personal data, but if they do they have to comply with requests from EU users to remove that data and to share information about why the data is collected, how it’s used, and and how it’s stored.

I’m not in Europe – does this matter to me?

If you’re not selling anything, or focusing on EU users in your marketing, does it still affect you? Most likely. If you have a comment or contact form on your site that asks for name and email address, that’s personal data. If someone from the EU fills out your form, then GDPR applies. From Red Kite’s point of view, compliance is a good target for all website owners.

You may be collecting personal data through:

  • User registrations
  • Payments
  • Comments
  • Contact form requests
  • Chats
  • Plugins
  • Analytics and traffic logs
  • Security tools and plugins

This are serious penalties involved here too – fines can go up to 20 million Euros or 4% of total company annual earnings.

GDPR for WordPress Site Owners – How WordPress is Helping You

You’ll probably be relieved to hear that WordPress is taking this seriously, and as of release 4.9.6 has put some new tools in place right in the admin dashboard to assist you with compliance. These are:

  • Under Tools, new features to make it easy for you to export or erase the data for a user by their username or email address.
  • Under Settings, a new Privacy feature that lets you specify an existing privacy page or have WordPress create a default one (which you must edit) for you.

For more information, check out this helpful post by BlogAid on using the new WordPress GDPR tools.

Keep in mind…

Some key aspects about GDPR to consider (remember: I am not an attorney!).

  • Breach notifications – if you have a security issue with your site, notify users with personal data storage within 72 hours. This means you need to be monitoring security with a plugin and/or a service like Sucuri. Security is going to become even more important!
  • Data collection, processing and storage – a terms of service or privacy page should detail what data is collected, how it’s used, why it’s stored, and how it will be stored. You’ll also need to provide a copy of the data stored if a user requests it, and remove the data if requested (which will mean removing an account in most cases).
  • How plugins on your site store data collected from users – this is a big issue, and a lot of plugin developers are working to make it easy to access/remove user data.

What should you do to make your WordPress site compliant?

Chat with your attorney about this, but these are steps to take that are likely common to most small business sites.

  1. Look at all the different ways you’re collecting user data on your site.
  2. Put mechanisms in place so users can control their data (make sure you’re asking for consent for forms, for example).
  3. Avoid collecting user data when it’s not completely necessary.
  4. Make sure your site’s plugins are also compliant. Site owners are ultimately responsible for the data collection and storage of plugins, so review your plugins carefully.
  5. Make sure all newsletters, downloads, etc. are asking for consent/are opt-in instead of opt-out. Already-checked consent boxes are a breach of GDPR.
  6. Consider a Cyber Liability insurance policy that protects against data breaches and other losses of personal data.

There is an excellent checklist in this post on these other considerations for compliance.

Is it likely that your small business site will ever be involved in a GDPR dispute? Hard to say, but it seems much more likely that the targets of such disputes will most likely be very large companies, at least in the beginning.

There will be more to come on this topic… GDPR is still in its early stages and evolving.

Some other references on GDPR:

GDPR: How it Affects WordPress Site Owners and Developers
GDPR Compliance Tools in WordPress
5 Actionable Steps to GDPR Compliance with Google Analytics
The Complete WordPress GDPR Guide
Worried About WordPress and the GDPR? Start Here
Ask Yoast: Preparing for the GDPR

Did you find this useful? Please share with your friends and colleagues!

Weekly Links Roundup – Privacy Settings, GDPR Plugins, Affiliate Programs, Admin Columns

by Leave a Comment

This week’s WordPress and web marketing links.

Have you noticed the new Privacy settings page under Settings? This is a new WordPress feature that’s just come out in advance of the GDPR (General Data Protection Regulation) going into effect in the EU on May 25. The GDPR requires site owners to be transparent about how they collect, use and share personal data, and to provide ways for users to review, correct and remove personal data from websites. Add your privacy page in the settings – and if you don’t have one there are some guidelines for creating them.

There are a number of GDPR plugins for WordPress already. Of the ones I’ve checked out, this is the most useful so far: GDPR Personal Data Reports. This plugin makes it super-easy for your users to request a copy of the data on your site, and to request deletion. It’s all automated and requires confirmation from the user before any actions are taken, plus it logs each request in the dashboard for you for record-keeping.

If you’ve thought about monetizing your WordPress site for more income, here’s a post about setting up either an affiliate or referral program in WordPress. These programs use a special link to your site that you share with your affiliates and referrers; they promote your site on their own websites and when someone clicks through, they get a small commission. Several plugins that can help you set up your own program are reviewed.

Finally… a review of the Admin Columns plugin for WordPress. This is a handy tool that lets you fully customize the columns for your Pages and Posts pages in the dashboard – reorganizing, adding or deleting columns, sorting, filtering and even editing content items in columns! There’s a drag-and-drop interface and over 390 different column types to pick from.