This post is a part of a training series that I have created in collaboration with iubenda – one of the proud sponsors of the 2020 WP Agency Summit.
You can read the other articles in this series here:
Part 1: What WordPress Agencies Should Know About GDPR & Cookie Law Compliance
Part 3: There is more than just GDPR
Part 4: Common questions around GDPR
Part 5: How to sell a GDPR-related service
Thanks again for signing up for this free training on selling GDPR-related services to your customers.
In Part 1, we spoke about the basics of GDPR and that it might be a good idea to incorporate GDPR-related services into your existing maintenance packages.
In Part 2, I want to give you three examples of how GDPR is impacting your customer’s websites right now. The examples will be simplified but they are true and can yield to fines.
You can use these examples to prove to your customers that they need to care about GDPR and other regulations. Being compliant with these laws can become very costly – which gives you a great chance to position yourself as an expert that deeply cares about the companies you’re working with.
Heads-up any business needs to comply with GDPR if it receives website visitors from the European Union.
Now, let’s dive into the first example:
Legal Documents A Website Needs
Before you can process any data on your website, e.g. via a contact form, you need to have a Privacy Policy on your site. The purpose of that policy is to explain how the data is collected, used, and stored – essentially it informs your visitors about everything they need to know.
Creating this policy is not as simple as copy & pasting a policy from a different website. It needs to be custom-written and tailored specifically to the website you are working on.
Another requirement is that the privacy laws and regulations constantly evolve. Therefore, your Privacy Policy would need to do the same.
Google Analytics & Other Tracking
You cannot fire any tracking pixel, no matter whether that is Google Analytics, Facebook Pixel, or something else, without the consent of the website visitor. The times where just embedding Google Analytics into a website was enough are over.
This is a major compliance issue.
The only case in which directly firing a tracking pixel is ok, is when you block access to the site from all countries in the European Union and from countries with regulations similar to the GDPR.
Email List Opt-In Forms
Before somebody can subscribe to an email list, you need to collect their consent about how their data is stored and how it will be used.
You can see this in action on my WP Agency Summit website, on any opt-in form.
If you cannot protocol this consent and still send email newsletters to subscribers, you can get fined. It is a really big issue that can negatively impact conversion rates on opt-in forms. But equally, it will improve the quality of subscribers on your list – because they jumped through the hoop before subscribing.
These are just three examples of how GDPR applies to websites. We all know that many more occasions exist.
Staying up to date with all the regulations is impossible for agency owners and business owners alike. That is why I keep referring people to iubenda. Their lawyers do the work for us.
Obviously, there are other service providers with similar offerings. But I have yet to find a vendor that works as smoothly as iubenda and offers such a compelling partner program.
In the next article, I will shed some light on common questions around offering these GDPR-related services.
If you have questions already, feel free to shoot them over via email or leave a comment below!
Part 3 in this training series is “There’s more than just GDPR you need to know“. Keep an eye out for that email, it is going to be good.
All the best,
Jan
