If you are in the nonprofit or business world, or really any area where you have a website, you’ve probably heard this term floating around for the last year or so called GDPR.

And if you’re like me, you’ve probably done a quick google search to get the basics, but then are left in the dark not knowing how you need to take action on it.

Well friend, I’m here to help! But first, let’s start with the basics. What is GDPR:

“The General Data Protection Regulation (“GDPR”) is a legal framework that requires businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. It covers all companies that deal with the data of EU citizens...” - Forbes

Basically, this set of rules governs the collection and storage of private information online for European Union citizens. It went into affect officially in May of 2018.

How does this apply to you, especially if you are in the US and not in the UK? Basically, if you are taking any personal information from donors, customers or followers who could potentially be based in the EU, you need to comply with GDPR.

Even if you aren’t selling anything, but have a “newsletter signup” on your website that collects emails, or an appointment scheduler that collects personal info, you need to be compliant.

By now you are probably asking, well what exactly do I need to do then?  

Here are three relatively simple things you can do to become GDPR compliant, protecting your business or nonprofit.

1. ADD A COOKIES WARNING TO YOUR WEBSITE

Sadly this doesn’t mean actual cookies (nom nom:). Here are what “cookies” are in the online world:

“An Internet cookie is a tiny bundle of text in a file that a website stores on your computer via your browser. It isn’t malicious by nature, it’s merely a functional record of some of the data associated with your machine’s hardware and capabilities… Cookies can generate and share long strings of information about which sites you’ve visited and what you’ve done there, and that data can be transmitted to other sites even without you being aware of it.” -howtogeek.com

Most people don’t think twice about this, but the folks in the EU seem to think this is something that needs to be told to your visitors upfront.

This means you need a “cookie warning” that visitors “accept.” This warning informs your them that you are collecting bits of their info that they may not be aware of.

Here’s an example: “By using this website, you agree to our use of cookies. We use cookies to provide you with a great experience and to help our website run effectively.”

This is usually a pop up or a bar that shows up when someone initially visits your site, that they “accept” or click out of. You should also include a link to your “Privacy Policy” in this pop up.

How do you get one of these pop ups? If you choose to design or redesign your website using the web hosting platform Squarespace, they make it super simple! It’s a built in feature you just customize to your liking. (PS: if you design through me, I can give you 20% off your first year with Squarespace). If you use a different web hosting platform, chat to your web designer about how to incorporate this.

2. ADD A PRIVACY POLICY TO YOUR WEBSITE

Next on the list is you need to have a page strictly designated to your privacy policy. If you collect, store or share any personal data, you need to have this legal agreement that informs your visitors of what you plan to do with that data. Without it, you open yourself up to the potential of being sued, not to mention you could potentially be breaking the law, even in the US. 

This isn’t just a few sentences you put together yourself. It needs to be compliant with the law, and take into account all of the nuances involved.

It should include your business name and contact info, the type of data you’re collecting, the purpose for collecting, how you plan to use it, how long you plan to keep the data, whether or not you share it with third parties and how people can opt out of sharing their personal data.

Where can you get this? Hiring a lawyer can become very expensive. There are many online free or inexpensive Privacy Policy generators, although you never know what you’ll get. Please do not simply copy and paste one from someone else’s site (that’s plagiarism and copyright infringement y’all!). My best suggestion, is to purchase one from my favorite legal businesses, Creative Law Shop.

Paige Hulse of Creative Law Shop is a lawyer and has created tons of different legal documents specifically for small creative businesses, but her Privacy Policy specifically can be applied to any small business or nonprofit. Once you purchase the document, she even highlights what parts you need to fill in and tweak for your specific business or organization. I’ve used her policy and loved it!

And guess what, not only are her templates very affordable, but because I am an affiliate of the Creative Law Shop, I can offer you 10% off when you purchase! Just use code PERSPECTIVESTUDIO10 at checkout. Woohoo!  

3. ADD TERMS & CONDITIONS TO YOUR WEBSITE

Last on your list, you need to have another page specifically designated for your Terms and Conditions. Essentially, your Terms and Conditions is a contract between you and your website visitor. Although it’s technically not required by law, this is the main legal document that will protect you from copyright infringement.

It basically tells users that you own your content, gives guidelines for using your site, includes a disclaimer about limit liability in cases of errors on your site, includes your copyright and trademark, and sets governing law (where your site operates from).

Yeah, it’s definitely something you need to have on your website.

More good news for you! Although you can also find Terms & Conditions generators online at certain price points, Creative Law Shop has an amazing, comprehensive Terms and Conditions website template that I would highly recommend. Although it’s slightly more costly than the Privacy Policy, again, use my 10% off discount code and rest at ease by getting yourself covered with your website and content. Use code PERSPECTIVESTUDIO10 at checkout. Score!

There you have it! I hope these three quick tips are helpful to you in making sure your nonprofit or business is protected and compliant with the law! This will put you at ease, so you can focus on the important main aspects of your work.

Keep changing the world!