On May 25th the European Union’s new General Data Protection Rule (GDPR) will go into effect.

If you are unaware of the GDPR and you are a small business owner or online entrepreneur, then you will want to listen up. The GDPR most definitely impacts your online business, even if you don’t live in the EU.

However maybe you have heard of the GDPR and you are beginning to worry what it will mean for your business. You heard something about having to hire dedicated Data Protection Officers and you immediately began to think of all the additional overhead costs this could lead to.

But there is good news.

If you’ve already been doing everything necessary to legally protect yourself and your business in the digital space, then not much is going to change for you.

In fact, some of the measures required by the GDPR are already legally required by other jurisdictions, such as California and Canada where there are already pretty stringent rules in place when it comes to the management of sensitive and personally identifiable data and information. Even the EU’s previous rule on the matter was no slouch.

That said, what the coming of the GDPR does mean, is that it is as important as ever that your website and online presence is compliant not only with the GDPR but also with all the other similar rules and regulations in other countries.

Because remember that while the country you live in may have borders, the internet does not. Meaning your digital footprint is global and knows no bounds. And thus you are liable for any damage that your online presence may cause wherever in the world it may happen

So to make sure you are compliant with all of the various rules and regulations from around the world that impact our use of the internet, it is best to follow several generally agreed upon best practices.

First and foremost, it is absolutely crucial that your website has a Privacy PolicyIn fact, a link to your privacy policy should be included in the footer of every page of your site. The purpose of a Privacy Policy is to explain to users of your site what data you collect from them, what you do with that data, where you store the date, who you share the data with, and how your individuals can contact you to request copies of any data you have obtained from them. The importance of this document cannot be understated. It is a legal requirement jurisdictions across the globe and there are penalties for not having a Privacy Policy on your site.

Once you have your Privacy Policy in place the next thing you are going to want to put on your website is some form of Cookie Notice. In case you don’t know, cookies are small text files stored in your computer by websites as a way for those websites to recognize you and keep track of your preferences. You may think your website doesn’t use cookies, but unless you are an experienced web developer, I wouldn’t bet on it.  And in any case it’s fairly simple to install a plugin on your site that has a small banner popup letting visitors to your site know that it uses cookies.

The next thing you want to make sure you have on your website is a Disclaimer. A disclaimer is your way of letting visitors to your website know what they can and cannot expect to get from the information found on your website. The disclaimer is your opportunity to make abundantly clear to folks that, for example, as a health coach you are simply providing information for educational purposes and your are NOT providing medical advice or care. This is super important and can be an important protection against unwanted liability.

And we aren’t stopping there. Your website still needs one of the most important documents your business will rely on: Terms and Conditions. Your website’s Terms and Conditions will operate as a contract between you and your site’s visitors. Your T’s&C’s are where you will turn in the event a dispute arises between you and a client or customer. This is why if you sell goods or services through your site a set of website terms and conditions is mandatory. In fact, it’s not good enough to just have the terms and conditions on your site, you must have a proactive mechanism such as a clear statement of the terms along with an unchecked box that requires the reader to check the box indicating they agree to the terms and conditions before proceeding to payment. Nearly all shopping cart programs and software options provide for these kinds of checkboxes so it’s not too difficult to implement this step. And it is absolutely required.

The only other thing to think about is any requirements to proactively register your online presence with a government entity. As of now, any such requirements are handled through your web host. For example, in regards to the requirement that the internet hosting provider of any website must be publicly registered with The Internet Corporation for Assigned Names and Numbers (ICANN), your hosting provider submits that information when you purchase your hosting plan. This is something to be aware of though as registration requirements will vary based on your location.

And that’s basically it. As long as you are small and you use third parties like PayPal and Stripe to process financial data and third party platforms like MailChimp or ConvertKit to store your customer contact information, that should be enough.

To recap, you want to make sure you have the following in place:

Of course if you have any questions about any of this, please do let me know by emailing me at sean@diythelaw.com or book in for a FREE consultation by going to https://diythelaw.youcanbook.me

🙂

Sean