{"id":187606,"date":"2018-05-22T18:29:43","date_gmt":"2018-05-22T16:29:43","guid":{"rendered":"https:\/\/loudavymkrokem.cz\/?p=187606"},"modified":"2026-06-05T21:05:17","modified_gmt":"2026-06-05T19:05:17","slug":"gdpr-bloggers-complete-guide","status":"publish","type":"post","link":"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/","title":{"rendered":"Complete GDPR Guide for Bloggers in 8 Steps"},"content":{"rendered":"\n<p>At the end of May 2018, the EU&#8217;s General Data Protection Regulation (GDPR) came into effect \u2014 and it&#8217;s something every blogger needs to take seriously. These are the new rules for anyone collecting personal data within the EU, such as email addresses, IP addresses, and more. If you&#8217;re one of the many GDPR bloggers still trying to figure out what to do, this guide is for you.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p><strong>So does this new regulation apply to bloggers too? Yes, without exception.<\/strong><\/p>\n\n\n\n<p><em>&#8220;Apparently I have to email all my readers again to re-subscribe to my mailing list? And I&#8217;m supposedly not allowed to collect cookies anymore?!&#8221;<\/em><\/p>\n\n\n\n<p>The internet is full of apocalyptic scenarios like these, but <strong>GDPR really isn&#8217;t that scary<\/strong>. You just need to work through it step by step. We&#8217;ve put together a guide on what to change on your blog to comply with the new regulation. We&#8217;ll also advise you on what to do with your existing email subscribers.<\/p>\n\n\n\n<p><em><strong>DISCLAIMER.<\/strong> We are not lawyers or data protection experts. Everything you read here is simply our interpretation of the GDPR regulation, from a blogger&#8217;s perspective. When gathering information, we relied on the regulation itself and how others have handled it. We reviewed several large and small bloggers and online businesses and their approaches to GDPR compliance. Don&#8217;t take this article as gospel \u2014 treat it as a guide to help you navigate GDPR in your specific situation. Right, let&#8217;s get into it!<\/em><\/p>\n\n\n\n<p>The purpose of GDPR is to give the customer (or in a blogger&#8217;s case, the reader) greater control over their data. So the more transparent you are about how you process data, and the more control you give your readers, the more likely you are to meet all the requirements.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_83 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#What_Data_Do_Bloggers_Collect_from_Readers\" >What Data Do Bloggers Collect from Readers<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#1_Use_Checkboxes_or_Another_Form_of_Consent_Whenever_a_Reader_Provides_Data\" >#1 Use Checkboxes (or Another Form of Consent) Whenever a Reader Provides Data<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#SAMPLE_TEXT\" >SAMPLE TEXT<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#2_If_You_Want_to_Be_Fully_Covered_Use_Double_Opt-In_to_Confirm_Consent\" >#2 If You Want to Be Fully Covered, Use Double Opt-In to Confirm Consent<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#3_Prepare_a_GDPR-Compliant_Privacy_Policy_and_Publish_It_on_Your_Website\" >#3 Prepare a GDPR-Compliant Privacy Policy and Publish It on Your Website<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#4_Let_Your_Existing_Subscribers_Know_Youre_GDPR_Compliant_or_Request_Their_Consent\" >#4 Let Your Existing Subscribers Know You&#8217;re GDPR Compliant, or Request Their Consent<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#5_If_You_Tag_Readers_and_Collect_Emails_from_Multiple_Forms_Plan_Your_Structure\" >#5 If You Tag Readers and Collect Emails from Multiple Forms, Plan Your Structure<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#6_%E2%80%9CLegitimate_Interest%E2%80%9D_and_How_to_Work_With_It\" >#6 &#8220;Legitimate Interest&#8221; and How to Work With It<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#7_Using_Cookies_and_Tools_Like_Google_Analytics\" >#7 Using Cookies and Tools Like Google Analytics<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#8_Readers_Can_Request_All_the_Information_You_Process_About_Them\" >#8 Readers Can Request All the Information You Process About Them<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#Summary\" >Summary<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/loudavymkrokem.cz\/en\/gdpr-bloggers-complete-guide\/#Our_Template_to_Help_You_Create_Your_GDPR_Document\" >Our Template to Help You Create Your GDPR Document<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_Data_Do_Bloggers_Collect_from_Readers\"><\/span>What Data Do Bloggers Collect from Readers<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p>When the EU talks about data processing, they mean any data you collect about users and the ways you handle it. Personal data refers to information that can directly or indirectly identify a reader \u2014 names, addresses, phone numbers, emails, but also IP addresses and other identifiers. <strong>So if you do or have any of the following on your blog, GDPR applies to you<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You collect email addresses \u2014 e.g. you send newsletters<\/li>\n\n\n\n<li>You have comments enabled on posts (especially on WordPress)<\/li>\n\n\n\n<li>You track user behaviour, e.g. with Google Analytics<\/li>\n\n\n\n<li>You have a contact form on your blog<\/li>\n\n\n\n<li>You use plugins that collect user data<\/li>\n\n\n\n<li>You run competitions and giveaways<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Use_Checkboxes_or_Another_Form_of_Consent_Whenever_a_Reader_Provides_Data\"><\/span><span class=\"ez-toc-section\" id=\"Use_checkboxes_for_consent\"><\/span>#1 Use Checkboxes (or Another Form of Consent) Whenever a Reader Provides Data<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Whenever you collect personal data from a reader, you must do so with their explicit consent. It must also be clear at the point of data collection what you&#8217;ll be using the information for. So if a reader gives you their email to receive updates, they must explicitly agree that they want to receive those updates from you.<\/p>\n\n\n\n<p>The simplest option is to add a checkbox that gives you clear consent from the reader. It&#8217;s a bit tedious, but it covers you on all fronts. Here&#8217;s what it looks like on our site, Loudav\u00fdm Krokem:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-1-1024x734-1.png\" alt=\"Consent for receiving emails\" class=\"wp-image-56223\" width=\"344\" height=\"246\" title=\"\"><figcaption class=\"wp-element-caption\">Consent for receiving emails<\/figcaption><\/figure>\n<\/div>\n\n\n<p>A second option is to build the consent directly into the button. For example, when signing up for a course, you confirm consent by clicking the sign-up button itself.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-2.png\" alt=\"Consent built into the sign-up button\" class=\"wp-image-56224\" width=\"314\" height=\"477\" title=\"\"><\/figure>\n<\/div>\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"SAMPLE_TEXT\"><\/span><strong>SAMPLE TEXT<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>To make things even easier, we&#8217;ve prepared a sample consent text for you. Replace the dots with a list of what you&#8217;ll be sending readers by email, and link the last sentence to your privacy policy. (You can download a privacy policy template in just a moment.)<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>SAMPLE CONSENT TEXT:<\/strong> <em>By clicking &#8220;I agree&#8230;&#8221;, you consent to receiving \u2026\u2026\u2026\u2026\u2026. If you no longer wish to receive emails, you can unsubscribe and withdraw this consent at any time via the unsubscribe link in every email. Read more about our privacy policy here.<\/em><\/p>\n<\/blockquote>\n\n\n\n<p>If you collect data using standard WordPress forms, the <a href=\"https:\/\/wordpress.org\/plugins\/wp-gdpr-compliance\/\" target=\"_blank\" rel=\"noopener\">WP GDPR Compliance<\/a> plugin will do the job. If you collect emails through Mailchimp, ConvertKit, or other services, you&#8217;ll find solutions built into their platforms.<\/p>\n\n\n\n<p>The game plan is simple: for every reader, you need a record of how and when they gave you consent to receive emails.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_If_You_Want_to_Be_Fully_Covered_Use_Double_Opt-In_to_Confirm_Consent\"><\/span><span class=\"ez-toc-section\" id=\"Use_double_opt-in\"><\/span>#2 If You Want to Be Fully Covered, Use Double Opt-In to Confirm Consent<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Although GDPR doesn&#8217;t explicitly require it, <strong>having a double opt-in is highly recommended<\/strong>. After someone signs up for your newsletter or a course, you send them a confirmation email with a button they need to click to confirm they actually want to hear from you. If they don&#8217;t confirm, they don&#8217;t get added to the list. <strong>Why is this useful?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You get double confirmation of consent to receive messages<\/li>\n\n\n\n<li>You can be sure the reader is genuinely interested in your content<\/li>\n\n\n\n<li>If they made a typo in their email address, you won&#8217;t end up with a useless entry in your database<\/li>\n<\/ul>\n\n\n\n<p>Here&#8217;s what a double opt-in email looks like:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"531\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-3-1024x531-1.png\" alt=\"Double opt-in: confirming subscription consent\" class=\"wp-image-56225\" title=\"\"><figcaption class=\"wp-element-caption\">Double opt-in: confirming subscription consent<\/figcaption><\/figure>\n\n\n\n<p>Only after clicking the confirmation button is the email added to the database and the email sequence triggered. Personal data of users who don&#8217;t give consent must be deleted from your database without undue delay.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Prepare_a_GDPR-Compliant_Privacy_Policy_and_Publish_It_on_Your_Website\"><\/span><span class=\"ez-toc-section\" id=\"Prepare_a_GDPR_privacy_policy\"><\/span>#3 Prepare a GDPR-Compliant Privacy Policy and Publish It on Your Website<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Creating a privacy policy is what people dread the most. But you don&#8217;t need to worry \u2014 we&#8217;ve prepared a template that you just need to fill in with your own details. <a href=\"https:\/\/loudavymkrokem.cz\/en\/?page_id=73817\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Here&#039;s what ours looks like. (opens in a new tab)\">Here&#8217;s what ours looks like.<\/a> You need to create a privacy policy for every blog you run and place it in your menu (a dropdown works fine). What goes into a privacy policy:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Who you&#8217;ve designated as the data controller<\/li>\n\n\n\n<li>What data you process and for what purpose<\/li>\n\n\n\n<li>Who else you share the data with<\/li>\n\n\n\n<li>How you protect the data<\/li>\n\n\n\n<li>Readers&#8217; rights<\/li>\n<\/ul>\n\n\n\n<p>In our template document, we&#8217;ve highlighted where you need to fill in your own details, and the comments explain exactly what to write. \ud83d\ude42<\/p>\n\n\n<div style=\"gap: 20px;\" class=\"align-button-center ub-buttons orientation-button-row ub-flex-wrap wp-block-ub-button\" id=\"ub-button-c6ca1b51-dec3-4faf-b761-91bf4c699f9d\"><div class=\"ub-button-container\">\n\t\t\t<a href=\"https:\/\/form.simpleshop.cz\/JWaY\/\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"ub-button-block-main   ub-button-flex\" role=\"button\" style=\"--ub-button-background-color: #ff0000; --ub-button-color: #ffffff; --ub-button-border: none; --ub-button-hover-background-color: #313131; --ub-button-hover-color: #ffffff; --ub-button-hover-border: none; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; border-radius: 10px; \">\n\t\t\t\t<div class=\"ub-button-content-holder\" style=\"flex-direction: row\">\n\t\t\t\t\t<span class=\"ub-button-block-btn\"><strong>Buy the template for 2.50 \u20ac (the price of a \u2615\ufe0f)<\/strong><\/span>\n\t\t\t\t<\/div>\n\t\t\t<\/a>\n\t\t<\/div><\/div>\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"489\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-4-1024x489-1.png\" alt=\"Sample privacy policy template form\" class=\"wp-image-56231\" title=\"\"><figcaption class=\"wp-element-caption\">Sample privacy policy template form<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"4_Let_Your_Existing_Subscribers_Know_Youre_GDPR_Compliant_or_Request_Their_Consent\"><\/span><span class=\"ez-toc-section\" id=\"Notify_existing_subscribers\"><\/span><strong>#4 Let Your Existing Subscribers Know You&#8217;re GDPR Compliant, or Request Their Consent<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Now we&#8217;re getting to the crux of the matter. You probably have dozens, hundreds, or maybe even thousands of emails in your database. So what do you do with them? Should you send everyone a new registration form to re-confirm consent? Or can you leave it as is?\n\n<strong>It depends on how well you&#8217;ve been collecting emails up until now.<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>You collected emails for a specific purpose and you&#8217;ve kept your word<\/strong><\/li>\n<\/ol>\n\n\n\n<p>If you&#8217;ve been collecting emails in a way that already aligns with GDPR requirements, you don&#8217;t need to ask for consent again. GDPR-compliant collection means you can demonstrate when, how, and for what purpose a reader gave their consent and provided their email.\n\nIn that case, we believe it&#8217;s sufficient to simply let your existing subscribers know:\n<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>How you obtained their data (where they signed up)<\/li>\n\n\n\n<li>What you use the data for (what you send them)<\/li>\n\n\n\n<li>That you now process data in accordance with GDPR<\/li>\n\n\n\n<li>How they can unsubscribe<\/li>\n<\/ul>\n\n\n\n<p>Here&#8217;s how we handled it:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"931\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-7-1024x931-1.png\" alt=\"Example of a GDPR notification email to existing subscribers\" class=\"wp-image-56232\" title=\"\"><\/figure>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>You collected emails through generic forms (or other means), or you send content that readers didn&#8217;t sign up for, or you didn&#8217;t meet other requirements during collection<\/strong><\/li>\n<\/ol>\n\n\n\n<p>If you&#8217;ve got a guilty conscience because you either didn&#8217;t obtain emails with explicit consent, or you&#8217;ve been blasting all sorts of emails to your entire database, <strong>you&#8217;ll need to get explicit consent from every single reader \u2014 if you want to keep emailing them.<\/strong><\/p>\n\n\n\n<p>This was actually our situation. On <a href=\"https:\/\/loudavymkrokem.cz\/en\/\">Loudav\u00fdm Krokem<\/a>, we primarily collected emails through competitions and travel giveaways, and we never explicitly told readers that by entering a competition they were also subscribing to our newsletter. So we asked them to consent to everything we planned to send them:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-8-1000x1024-1.png\" alt=\"Consent request from Loudav\u00fdm Krokem\" class=\"wp-image-56233\" width=\"315\" height=\"322\" title=\"\"><figcaption class=\"wp-element-caption\">Consent request from Loudav\u00fdm Krokem<\/figcaption><\/figure>\n<\/div>\n\n\n<p>After clicking through, they land on a page where they need to tick a box explicitly confirming their consent.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-9-1024x673-1.png\" alt=\"Confirming consent to receive emails\" class=\"wp-image-56234\" width=\"376\" height=\"248\" title=\"\"><figcaption class=\"wp-element-caption\">Confirming consent to receive emails<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"5_If_You_Tag_Readers_and_Collect_Emails_from_Multiple_Forms_Plan_Your_Structure\"><\/span><span class=\"ez-toc-section\" id=\"Plan_your_form_structure\"><\/span><strong>#5 If You Tag Readers and Collect Emails from Multiple Forms, Plan Your Structure<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Integrating GDPR into our form structure wasn&#8217;t easy, because we use quite a few of them. We have several interest categories that readers can sign up for, and we gradually tag all our subscribers (assign labels based on which we then send targeted content).<\/p>\n\n\n\n<p>Some readers are interested in cryptocurrency, others in online marketing or online business. If someone signs up for a cryptocurrency course, under GDPR you can&#8217;t just send them an article about promoting your blog on Instagram. That&#8217;s why it&#8217;s important to track who gave you consent for what. We recommend drawing yourself a map that&#8217;s easy to follow. Here&#8217;s ours:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"422\" src=\"https:\/\/www.loudavymkrokem.cz\/wp-content\/uploads\/2023\/05\/gdpr-10-1024x422-1.png\" alt=\"Map of GDPR consent structure across forms\" class=\"wp-image-56235\" title=\"\"><\/figure>\n\n\n\n<p>As you can see, we added GDPR double opt-ins to all entry forms through which a reader can sign up to our email database.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"6_%E2%80%9CLegitimate_Interest%E2%80%9D_and_How_to_Work_With_It\"><\/span><span class=\"ez-toc-section\" id=\"Legitimate_interest\"><\/span><strong>#6 &#8220;Legitimate Interest&#8221; and How to Work With It<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Within GDPR, there&#8217;s a concept called &#8220;legitimate interest,&#8221; which is an exception you can use as a basis for sending emails.<\/p>\n\n\n\n<p>For example, if someone purchases a travel mug from your shop, you can reasonably assume they&#8217;ll be interested in news from your store, and add them to your newsletter. This falls under legitimate interest for the purpose of direct marketing.<\/p>\n\n\n\n<p>However, be careful with legitimate interest \u2014 its definition is vague, and in our opinion, it&#8217;s better to use it as sparingly as possible. Instead, explicitly request consent for sending communications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"7_Using_Cookies_and_Tools_Like_Google_Analytics\"><\/span><span class=\"ez-toc-section\" id=\"Cookies_and_Google_Analytics\"><\/span><strong>#7 Using Cookies and Tools Like Google Analytics<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>If you use analytics tools to track user behaviour on your blog, such as Google Analytics, GDPR applies to you here as well.<\/p>\n\n\n\n<p>When a reader visits your website for the first time, Google Analytics downloads cookies to their browser that help Google track the user&#8217;s activity. Cookies collect personal data in the form of identifiers that can potentially be used for indirect identification.<\/p>\n\n\n\n<p>For this reason, you must inform visitors that you collect cookies. And not just that \u2014 they also need to know what data you collect, what you use it for, and how they can get rid of the cookies.<\/p>\n\n\n\n<p>The easiest approach is to use a plugin (if you&#8217;re running WordPress):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/wordpress.org\/plugins\/cookie-law-info\/\" target=\"_blank\" rel=\"noopener\">Cookie Law \/ GDPR Info<\/a><\/li>\n<\/ul>\n\n\n\n<p>You must also include information about cookies in your privacy policy.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"8_Readers_Can_Request_All_the_Information_You_Process_About_Them\"><\/span><span class=\"ez-toc-section\" id=\"Readers_right_of_access\"><\/span><strong>#8 Readers Can Request All the Information You Process About Them<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Under GDPR, users now have a &#8220;<a href=\"https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/individual-rights\/right-of-access\/\" target=\"_blank\" rel=\"noopener\">right of access<\/a>&#8221; to the information you hold about them.<\/p>\n\n\n\n<p>Make sure you can actually access this information. Not only will you need to be able to export logs showing when and how a user subscribed and what emails you sent them, but also information about their activity on your site \u2014 for example, from Google Analytics.<\/p>\n\n\n\n<p>Fortunately, Google has prepared tools you can use for this, including the ability to delete collected data about <a href=\"https:\/\/support.google.com\/analytics\/answer\/7667196\" target=\"_blank\" rel=\"noopener\">any individual user<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Summary\"><\/span><span class=\"ez-toc-section\" id=\"Summary\"><\/span><strong>Summary<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>GDPR isn&#8217;t as terrifying as it seems. It actually helped us organise our email databases, improve their security, and clean out inactive subscribers.\n\nSo what steps should GDPR bloggers take to ensure compliance?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Write a privacy policy<\/li>\n\n\n\n<li>Have explicit consent for data processing for a specific purpose from every contact<\/li>\n\n\n\n<li>Be able to demonstrate when and how each reader gave consent<\/li>\n\n\n\n<li>Include information about third-party data processors in your privacy policy<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Our_Template_to_Help_You_Create_Your_GDPR_Document\"><\/span><span class=\"ez-toc-section\" id=\"Our_GDPR_template\"><\/span>Our Template to Help You Create Your GDPR Document<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>We don&#8217;t want to keep the information we spent hours putting together just for ourselves. So we&#8217;ve prepared a detailed document with a privacy policy template (GDPR) that you simply fill in and you&#8217;re done. It&#8217;s packed with notes and explanations, so even a complete beginner won&#8217;t get lost. \ud83d\udc47<\/p>\n\n\n<div style=\"gap: 20px;\" class=\"align-button-center ub-buttons orientation-button-row ub-flex-wrap wp-block-ub-button\" id=\"ub-button-076fa694-4b94-4601-ac93-6aa31cae8017\"><div class=\"ub-button-container\">\n\t\t\t<a href=\"https:\/\/form.simpleshop.cz\/JWaY\/\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"ub-button-block-main   ub-button-flex\" role=\"button\" style=\"--ub-button-background-color: #ff0000; --ub-button-color: #ffffff; --ub-button-border: none; --ub-button-hover-background-color: #313131; --ub-button-hover-color: #ffffff; --ub-button-hover-border: none; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; border-radius: 10px; \">\n\t\t\t\t<div class=\"ub-button-content-holder\" style=\"flex-direction: row\">\n\t\t\t\t\t<span class=\"ub-button-block-btn\"><strong>Buy the template for 2.50 \u20ac (the price of a \u2615\ufe0f)<\/strong><\/span>\n\t\t\t\t<\/div>\n\t\t\t<\/a>\n\t\t<\/div><\/div>\n\n\n<p><em><strong>DISCLAIMER.<\/strong> We are not lawyers or data protection experts. Everything you read here is simply our interpretation of the GDPR regulation, from a blogger&#8217;s perspective. When gathering information, we relied on the regulation itself and how others have handled it. We reviewed several large and small bloggers and online businesses and their approaches to GDPR compliance. Don&#8217;t take this article as gospel \u2014 treat it as a guide to help you navigate GDPR in your specific situation.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Running a blog but unsure how to handle EU data protection regulations (GDPR)? We&#8217;ve figured it out and put together a detailed guide on how to meet GDPR requirements for bloggers in 8 simple steps.<\/p>\n","protected":false},"author":2,"featured_media":56237,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":"","rank_math_title":"GDPR for Bloggers: Complete Guide in 8 Steps","rank_math_description":"Learn how to make your blog GDPR compliant in 8 simple steps. Our complete guide for GDPR bloggers covers consent, cookies, privacy policies & more.","rank_math_focus_keyword":"gdpr bloggers","rank_math_seo_score":""},"categories":[678],"tags":[],"class_list":{"0":"post-187606","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-how-to-blog"},"acf":[],"featured_image_src":"https:\/\/loudavymkrokem.cz\/wp-content\/uploads\/2018\/05\/jak-na-gdpr.jpg","author_info":{"display_name":"Luk\u00e1\u0161 Kone\u010dn\u00fd","author_link":"https:\/\/loudavymkrokem.cz\/en\/author\/lukas-konecny\/"},"_links":{"self":[{"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/posts\/187606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/comments?post=187606"}],"version-history":[{"count":2,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/posts\/187606\/revisions"}],"predecessor-version":[{"id":217889,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/posts\/187606\/revisions\/217889"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/media\/56237"}],"wp:attachment":[{"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/media?parent=187606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/categories?post=187606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/loudavymkrokem.cz\/en\/wp-json\/wp\/v2\/tags?post=187606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}