Issue #131
Doing a data inventory (for GDPR)
OK, let’s continue on this truly FASCINATING topic of the GDPR!
[cough]
Hey, it might not be the sexiest of topics, but we can’t ignore it. It is what it is. So, let’s continue…
One of the first things you need to do to get compliant with GDPR is to take a real look at what data your site is collecting, where it is stored, and where it is being sent.
This might seem obvious, but it is also quite easy to get complacent about it and not really pay attention. We get so interested in just making things work that we don’t actually consider it from a user data perspective. And I think one of the benefits of GDPR is that it actually gets site owners to think about this stuff.
So, you need to take a look at your website and take inventory of all places where user data is submitted, where it is sent and stored. Let’s go through it, using BMA itself as a starting point…
#1 – Blog Comments
Lately, I haven’t been running comments on my blog because I was having an issue with Thrive Comments. But, I wanted to mention this because I know many of YOU are running comments.
This means you’re taking their email address and their name and usually their IP address and you’re storing it in your WordPress database. Make note of that. You’ll need to add a consent field to your blog comments (and I expect WordPress to make this standard practice in a future update).
#2 – Contact Forms
I have a primary contact form on my contact page. But, I also have similar forms in other places, for instance…
- When Lab members are submitting office hours requests or member feedback requests
- When a person submits a testimonial using my Thrive Ovation form.
- When a person applies for a coaching session.
You get the idea. And, in your case, you need to take inventory of every place on your website where you have a form like this that people can submit.
Most of my forms use Gravity Forms. This plug-in stores the input in my database. So, I will need to update each of these forms to inform users and get consent. I will also need to make note of this in my privacy policy. I’ve actually already just added this consent field to my contact form, if you want to see what I did.
#3 – Opt-in Forms
Obviously, I have multiple forms on my site, both on-site opt-in forms as well as full landing pages. The data is collected by the Thrive Leads plug-in and then sent to my email list host – Drip.
Thrive Leads does store the data in my database. It keeps a running record of email subscribers, mainly for the purposes of email analytics. You can see email addresses, what form they opted in with, etc. This is in addition to the data being sent to Drip.
Drip is going to be fully GDPR-compliant by the 25th of May. And the fine folks at Thrive Themes are working on updates to ensure data portability and erasure ability on all user data collected by their plug-ins. See the Thrive Themes post on GDPR. I will just need to ensure I have consent on the opt-ins and spell out what happens in my privacy policy.
I’m also looking into the possibility of addressing consent via an automation after they subscribe rather than on the opt-in form. Using Drip, I could send them a consent email if they’re based in the EU. If they agree, cool. If not, I auto-delete them. I’m still scoping things out here, but I am aware that adding checkboxes to all opt-in forms could hurt conversion rates. And, if it isn’t absolutely necessary, I’m going to avoid it.
#4 – Checkout Forms
If you sell anything, then you obviously are getting additional user data at the time of the transaction. In my case, I use MemberMouse to power everything. When a customer buys something, I receive their information and it is stored in my database. Payment information is NOT stored locally, as all payments are handled by PayPal and Stripe.
MemberMouse, though, has their name, their email and in some cases their address (if entered at checkout). Also, MemberMouse logs all activity when people are logged into The Lab, including IP address. My “to do” on this will simply be to, once again, get user consent as well as spell it out in the privacy policy. Also, if for some reason a person requested to be deleted, I can do that. Lastly, members already have the ability to edit their own info inside the membership site.
I am in touch with MemberMouse support about any other specific updates re: GDPR. Word is they’re going to be issuing an update this week.
I also have a private database which is integrated with MemberMouse and member data is synced there behind the scenes. I do this only for tracking purposes. But, as a “to do”, I am going to need to audit that system to ensure only the data absolutely needed is stored. And, of course, the consent I already mentioned.
#5 – Analytics & Tracking
If your site is using any kind of Analytics software or tracking users in any way, then that needs to be looked at. For instance, I use Google Analytics like most people.
Now, in the case of Analytics, Google is the data processor and, as such, it is their responsibility to ensure things are kosher. And, they are. But, it doesn’t mean you can just leave it all to them. You need to ensure that no personally identifiable information is being sent to Analytics by accident.
For instance, if you were passing a user’s information in a URL as part of a form submission anywhere (like “email=XXXX” in the URL itself), then you’d have a case where their email is being seen by Analytics. Your best case here would be to change things up so that you’re not passing user info in the URL.
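A check for the leak described above, as an added example that is not part of the original newsletter: it flags URLs whose query string or path carries an email address or a personal-data parameter name, and returns a redacted path to report instead. The parameter-name list, the placeholder base host and the sample URLs are constructed assumptions.

```javascript
// Added example: audit page URLs for personal data before they reach analytics.
// PII_PARAM_NAMES is an assumed starting list; extend it for your own forms.
const PII_PARAM_NAMES = new Set(["email", "e-mail", "mail", "name", "first_name", "last_name", "phone"]);
const EMAIL_RE = /[^\s@\/?&=]+@[^\s@\/?&=]+\.[^\s@\/?&=]+/; // loose match, on purpose
const BASE = "https://example.invalid"; // placeholder base so relative paths parse

// Percent-decoding can throw on malformed input; fall back to the raw text.
function safeDecode(text) {
  try { return decodeURIComponent(text); } catch (err) { return text; }
}

// Return one finding per place in the URL that looks like personal data.
function findPiiInUrl(rawUrl) {
  const url = new URL(rawUrl, BASE);
  const findings = [];
  for (const [key, value] of url.searchParams) {
    if (PII_PARAM_NAMES.has(key.toLowerCase())) {
      findings.push({ param: key, reason: "parameter name" });
    } else if (EMAIL_RE.test(value)) {
      findings.push({ param: key, reason: "value looks like an email" });
    }
  }
  // Emails also hide in paths, e.g. /unsubscribe/jane%40example.com
  if (EMAIL_RE.test(safeDecode(url.pathname))) {
    findings.push({ param: "(path)", reason: "value looks like an email" });
  }
  return findings;
}

// Return path + query with every flagged value replaced by REDACTED.
function scrubUrl(rawUrl) {
  const url = new URL(rawUrl, BASE);
  const flagged = new Set(findPiiInUrl(rawUrl).map((f) => f.param));
  for (const key of [...url.searchParams.keys()]) {
    if (flagged.has(key)) url.searchParams.set(key, "REDACTED");
  }
  const path = flagged.has("(path)")
    ? safeDecode(url.pathname).replace(new RegExp(EMAIL_RE, "g"), "REDACTED")
    : url.pathname;
  const query = url.searchParams.toString();
  return path + (query ? "?" + query : "");
}

// Constructed sample URLs, as they might appear in an access log.
const SAMPLE_URLS = ["/thank-you?email=jane.doe%40example.com&plan=pro", "/blog/gdpr-inventory?utm_source=newsletter"];
for (const u of SAMPLE_URLS) console.log(u, "->", scrubUrl(u), findPiiInUrl(u));
```

Run `findPiiInUrl` over the request paths in your server logs to find forms that leak, and fix those forms at the source; `scrubUrl` is a backstop for the path you hand to any tracking script.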
Also, with Analytics, you can turn on IP anonymization.
In any other tracking software you use, you need to take a look at whether any personal info is being fed in there. For instance, many services make use of a user ID, a hashed email address, or a transaction ID for certain tracking. As long as this data is pseudonymous (a concept from GDPR), it is OK. This means that the passed data cannot be tracked back to an individual.
Where things get weird is abiding by the user deletion rules. If a user requests deletion, how do you do that with a tracking program? Well, it gets messy, to be honest. Good news is that it has apparently been confirmed that Google will be making changes to Analytics to enable such deletion. And, in many cases, you can handle the issue by just anonymizing it so that it cannot be hooked to any individual.
#6 – Retargeting
If you’re doing any paid advertising which retargets your email subscribers, web visitors, etc… then you need to inform users of this in your privacy policy.
Also, when it comes to uploading email lists for retargeting audiences, there will be changes coming to attest user consent to this. I don’t know what those changes will look like yet, so we’ll need to watch for it.
….
So, you need to look at this for YOUR site. Obviously, the more active your blog/business is, the more things you’ll need to look at.
A simple blog that doesn’t sell anything is likely only going to need to put consent on the comments and any contact forms – and that’s about it. You’ll also need that privacy policy just stating what’s going on with their data.
But, as you begin to get into paid ads, making online sales and using various tracking software… things get more complicated.
Just take an inventory of every place on your site which accepts user data. Also, look at what user data might be kept automatically (like server logs, Analytics, etc.).
Then, it mainly comes down to:
- Ensuring your privacy policy properly reflects what’s going on.
- Ensuring user consent is obtained at points where they are submitting data.
- Having a way to abide by any potential requests to delete that information (which honestly, likely won’t happen often).
Isn’t this…. FUN!
I know I’m having fun!
It’s like getting a damn root canal and being forced to listen to Kenny G music. 😉
More of this fun mañana.
– David