GDPR for Bloggers: How to Make Your Site Compliant




As the owner of a blog or similarly simple website, you may be wondering if the same rules of commercial sites and apps apply to you.

To answer that question, here are a couple of things you need to consider:

  • Are you collecting/interacting with the personal data of your readers (eg. names, usernames, email address, IP addresses, session activity or payment details)?

  • Do you have a contact form or newsletter sign-up?

  • Do you use any third-party widgets or services (for example, Google Analytics or AdSense)?

If you answered yes to any of these, then many of the same privacy rules that apply to commercial websites and apps will apply to you.

Legal requirements in general

Major legislations

  • In the US privacy laws can vary widely and are often implemented on both a State and Federal Level.

  • In the EU, the main data privacy regulations are the General Data Protection Regulation (GDPR) and the ePrivacy Directive (the Cookie Law).

Which Regulations apply to you?

As mentioned above, if you implement any kind of service that interacts with the personal data of users, you’re legally required to have a privacy policy in place and to comply with applicable data privacy laws. Generally, these laws apply to any service targeting residents of the region, which effectively means that they may apply to your business whether it’s located in the region or not.

For the most part, compliance requires that you disclose data collection, inform users of their rights in regards to their data and implement methods of receiving/rescinding consent. Failure to adhere to data privacy laws can result in hefty fines, leave you open to litigation and negatively affect the credibility of your website. Contact Ascentrix Consulting for more information.