Practical GDPR tips for bloggers

GDPR tips and plugins for bloggers personal websites

With the abundance of how-to and blogging tips sites you’d expect to easily find some practical info about GDPR for bloggers and small site owners. But it seems some of these sites offer limited practical tips when it comes to applicable solutions. After having friends asking for advice, I’ve decided to write this article and provide some practical info with the help of some plugins for WordPress sites. The best way to apply these tips, is to read each one carefully, check whether the latest version of WordPress has the functionality built-in (it should if you’re using version 4.9.6 and above) and then see which of the suggested plugins might be useful to you (I’m not affiliated with any of these plugins, so you’re free to look for alternatives).

The boring but important introduction (so that you don’t blame me afterwards)

Before that, I need to stress a few really important things. First and foremost, the fact that you’re going to use a plugin doesn’t necessarily mean that you will make your site 100% GDPR compliant. Many plugin developers also emphasize this in their support pages. You should bear in mind that these plugins cover only a basic fraction of GDPR. Most of the work will have to be done by your website developer and you should ask advice from a lawyer. Second, the plugins discussed seem to offer basic GDPR functionality for the time being (I cannot be held responsible if they add/remove features or lose their functionality in the future). This relates to my third point: a few of these plugins might be obsolete if some of their functionality is included in the future versions of WordPress (UPDATE: indeed, even before I hit the publish for this post, a new WordPress version was out, thankfully covering many GDPR areas. After all, the fewer plugins a site uses, the better).

Commenting system

Most people seem to be ignoring this. Your users should know that you are storing their comments and that they can ask for their deletion if they wish so. Luckily, the new WordPress update (4.9.6) has a GDPR commenting system that offers an opt-in checklist for the users, which they can tick before submitting their comments. Bear in mind that if you’re using the Jetpack plugin in its current version (6.1.1 and below) you need to go to Settings → Discussion and untick “Let readers use WordPress.com, Twitter, Facebook, or Google+ accounts to comment”.

If for any reason you do not have WordPress 4.9.6 installed, or you are using another plugin for your comments, make sure you always state clearly in your comment form that comments and the profile of every user are collected by your site. This plugin seems to do the job for the time being, in case you are using an older version of WordPress or want to use the Jetpack commenting system: WP GDPR Compliance. Among other things, it lets you add a privacy checkbox to your comments. Note: at the moment you need to disable the Jetpack commenting system (if you’re using it) for this to work.

Forms and newsletters

Who doesn’t have a form or another on their site nowadays? Again, forms need to explain that the info the users are providing will be stored by the site and that they can revoke access, unsubscribe from the newsletters, etc. The WP GDPR Compliance plugin mentioned above should work if you’re using Contact Form 7 forms (or you can do it manually as explained here.)

If you’re using Mailchimp for your newsletter you’ll be happy to know that GDPR compatibility is already in place for certain styles of forms only (again, for the time being). To enable them use this simple guide from Mailchimp.

Google Analytics

Yes, you do need to tweak some things in Google Analytics for your site to be GDPR compatible. Google has introduced the Data Retention Control mechanism that allows you to select how long Google will be storing your data for. This should be set from here, using this guide. Another thing you should consider is the option to anonymize the IP of your visitors. This can be done by editing your analytics code and adding a line of code as shown here.

If this is too technical for you, don’t worry this plugin seems to provide the option of IP anonymization in its settings: GA Google Analytics.

Otherwise, if you’re using MonsterInsights, the latest version includes the option for IP Anonymity.

Privacy Policy and Cookie Policy

There are quite a few free GDPR privacy policy templates if you just google for this term. However, you need to remember that a ready-made privacy policy that you just copy and paste onto your site does not automatically make your site GDPR compatible. Same for cookie policies. If you’re using Jetpack, the latest plugin version has an updated GDPR cookie policy widget. If not, then you can try another plugin like Cookie Notics by dFactory which asks for the user’s consent before storing cookies. Update: Luckily, WordPress 4.9.6 includes the option to generate your own Privacy Policy. Read the official announcement here.

Protect your site from cyber attacks

There are many plugins that protect your sites from malicious attacks and unauthorized access. One of the most popular is the Wordfence security plugin, the free version of which seems to offer the basic functionality needed by some users.

At this point, SSL is crucial

With Chrome announcing it will start marking sites without an SSL certificate as non-secure and with GDPR already in place, you have no excuse not to install an SSL certificate on your WordPress site. What you probably don’t know is that there are some free SSL alternatives like Let’s Encrypt, that offer the basic protection only but at least you have a site that is marked as secure. Most hosting providers should provide some of the free SSL alternatives as part of their service through their control panels (you should probably ask for their availability first). If not the Let’s Encrypt site has a guide for manual installation.

And the most important thing of all

Finally, I can’t emphasize enough that the above steps in the this post will not make your site 100% GDPR compliant. This cannot be done with the help of the aforementioned plugins alone. This cannot be done by using a ready-made privacy policy or a privacy policy generator. You need to review your Terms, Cookie Policy, Privacy Policy carefully, among other things.

You have to make sure of the following: That you cannot store any personal IP data from your users without them knowing and without them using your consent. This extents to 3rd-party plugins that you use on your site, all tracking cookies, analytics services, comments and anythign or anywhere your user details might be recorded. If the users asks for their data to be sent to them or completely removed from your site you should be able to do this. Again, the latest version of WordPress (4.9.6) has two new options: Data Export and Data Erasure.

Final Disclaimer:
In order for your site to be fully GDPR compliant you need to speak with a lawyer and your website developer. The instructions in this post are just for basic guidance and do not fully extend to all aspects of the GDPR scheme. Even to the areas which these tips cover, further work will probably be needed for them to have full GDPR compatibility. Again, I repeat: Your site will not be 100% GDPR compliant if you just follow the instructions of this post.

Webjets

An online desktop

The concept behind Webjets is organising your thoughts using simple cards. Think of it as an alternative desktop that is accessible from your web browser. In this new desktop, you can insert YouTube videos, to-do lists (or any kind of lists), folders, bookmarks, tables, Wikipedia articles, even mind maps, and of course you can attach files.

Webjets creative desktop review
Source: Webjets.io website

Now you will probably think that a desktop featuring all the above would be cluttered, but that is not the case. The magic of Webjets is that all features share the same mainstream card design, so they are visually pleasing and easy to locate. Not to mention that you can change the background to whatever suits you.

One of the killer features though is the fact that when you embed, say, a Google Doc or an Excel file on your Webjets desktop, the document stays open on it, enabling you to view and edit it on the spot!

Best of all? Webjets offers online collaboration.

A variety of uses

When is this useful? I’m a writer so just think of the possibilities of using such an app to create your storyboard and include your research on the same page. I can have my mind map showing different character relations, a chapter outline as a list which I can change anytime, inspirational YouTube videos and my background research neatly structured into folders.

Webjets creative desktop review
Source: Webjets.io website

This is also quite useful for my academic papers. Again, the research could go into folders, along with my bookmarks and research papers attached. Of course, the main benefit here would be the collaboration feature: colleagues could not only have a look but also edit and provide feedback to my papers.

Overall, I can envision the online collaboration feature being really useful among architects, engineers, graphic designers, students, bloggers, teachers, editors, researchers, covering any kind of creative and collaborative needs.

Fast, efficient, simple UI, free tier

As for it usability, the service is quite fast as it is, in fact I had no problems using it, with the user interface being clear and very easy to follow. There are two pricing tiers: free and premium, the free version limited to 200 notes per user (which should be enough for most people). Even though the app is still in its beta stage, it looks very promising. I could go as far as argue that a virtual online desktop like the one offered by Webjets is what has been missing in a market overcrowded with creative apps. A great idea and excellent work behind it – do give it a try.

The new Gmail is a time-saver!

Gmail logo

Essential redesign

Ok, apart from the much-needed makeover the new Gmail is absolutely awesome. A lot has been said about the snooze feature which is certainly very handy: if you think an email can wait, you just snooze it for a later date (think of it as a reminder).

The other important feature is the “expiry date” you can set on an email. After this date, the recipient cannot access it anymore (very useful for private messages or messages that are no longer needed after a specific date). However, the three features below really stand out for me and their importance hasn’t been stressed enough.

New Gmail, material redesign
Source: (Official Gmail blog)

Sidebar: Tasks, Calendar, Keep

A sidebar is crucial because when writing a message you need to be able to have your calendar open next to it so you can schedule your meetings and important dates. No need to open a separate calendar window and waste time or lose track of what you were about to say.

Your tasks and to-dos are also presented next to your messages so you can easily organise your day. Same for your Keep notes. Let’s say you’re running some errands outside and you take a picture of an item or note down an important address in Google Keep, something you need to email later on. When you sit down to write that email, your Google Keep notes are right next to you. How handy is that?

Visible attachments in your Inbox

This is true! You no longer need to open each different email individually to check if the file you’re looking for is there. Now attachments can be displayed under the title of the email in your Inbox. Just click on them and they are instantly downloaded on your hard drive. A time saver? Definitely. It makes you wonder why on earth this hadn’t been there in the first place!

AI in your email: Smart compose

This is the latest feature (you can enable it by going to the new Gmail settings and enable “Experimental access” in the General tab). What it basically does is auto-complete your sentences with suggestions as shown below. Neat!

New Gmail, material redesign
Source: (Official Gmail blog)

Should I switch from Outlook.com?

It depends. The classic folder-structure of Outlook.com seems to resemble more they typical business email clients. The interface might still look a bit cleaner for paid customers, but for free uses the big ads on the right-hand side of the screen are distracting. Outlook.com does have a wonderful Sweep function that can immediately get rid of emails with the same title or content. But then again, the improved Gmail functionality is hard to beat: who doesn’t want to have access to their calendar, important notes and tasks right next to them while composing a new message? Along, with the visible attachments right in your Inbox, the new Gmail could be a winner, saving you lots of valuable time.