DSGVO area of effect: Also relevant for bloggers
For a violation of the DSGVO in the future harsh penalties. Staggered, they vary between ten million Euro or two percent of annual sales and twenty million and four per cent of the annual turnover.
- People can, however, take a breath, because in the second article, the law includes an exemption from the Application of the "natural[n] persons for the exercise of exclusively personal or household activity".
- Nevertheless, the DSGVO is aimed not only at large companies such as Facebook and Google, but relates to anyone who needs to collect of data. So, Blogs in the area of effect of the DGSVO, as here, a commercial Use is detectable, so for example, advertising or Affiliate Links is worked.
- If a Blog is used only for private and not-for-profit, the DSGVO together with their penalties, no application.
Time for Action: The DSGVO also relates to bloggers. (Image: SMART)
How to get to my Blog DSGVO-compliant?
Since most Blogs earn in one way or another money, you need to follow the guidelines of the DSGVO. However, this is easier said than done, because the DSGVO is not just a simple work, and many of their specifications are almost implemented only with a higher level of legal and technical Know-How. The most essential Changes you need to make due to the DSGVO, we have summarized here for you.
- Privacy statement: The privacy statement is. The should address all of the new features of the DSGVO and explicitly address. Even you do not have to formulate the Whole but. On the Internet to find appropriate data protection, explanation generators, and after a few questions to be answered with a ready statement to spit it out. Note, however, that your explanation of each bottom is reachable with a single click.
- Processing directory: in Addition, a processing directory to the DSGVO required. This is a largely informal Letter, in the by must be, what user data is collected and for what purpose (e.g., Newsletter registration, or audience analysis). On the net you will find a wide range of suitable pattern-Writing.
- Opt-Ins for Cookies and Google Analytics: Should you use your Blog Cookies or other user data collecting Tools such as Google Analytics, you must give users when you first visit the website on this point and explicitly agree (Opt-In). For the implementation of the function you need but not necessarily a lot of technical Understanding. With the Wordpress Plugin "Pixel Mate" from soul sites to these facilities automatically take care of. All the info to this topic can be found in a separate article.
- Dealing with user-generated content: Also for contact forms and comments need to now the User about the collection of your data and its security are. For this purpose, but the Wordpress Plug-In "WP GDPR Compliance" used to be.
- Secure data transmission: to Continue, you must make sure that data transmission is proceeding as safely as possible. If not present, a SSL connection is an absolute must. Whether your Blog via SSL connects in the URL. Here then must "stand https://" instead of "http://".
- Caution in the case of web shops: if you are on your Blog, a Web Shop run need, in addition, a so-called "privacy impact assessment." Here, however, is not official yet clear which business are affected models actually. At least here a consultation with a lawyer is strongly recommended.
DSGVO: So make your Blog secure against warnings. (Image: Pixabay)
DSGVO features for web pages-Plugins
Special problems the DSGVO with U.S. web hosts, and plug-in operators, is preparing. Please note the following points:
- Order data processing contract (AVS): you Are a user of Wordpress or of other U.S. services, you should review the privacy and legal Standards exactly, because outside of Europe the DSGVO has no validity. The responsibility in this case lies entirely with you. It therefore makes sense, with all the used plug-in providers a so-called "contract for commissioned data processing" to complete. Here is regulated, as both parties to the contract must partner with user data. Also, see a good sample documents in the Internet.
- The exception of The E-Privacy Shield: Some of US plug-in providers, such as, for example, the Newsletter Plugin "Mail Chimp", also with respect to the DSGVO the so-called "E-Privacy Shield" logged in. All the members are committed to the respect of privacy and DSGVO. These companies can therefore be assumed that they act DSGVO-compliant; a of AVS is therefore not necessary.
- Watch out Google - and Facebook-Plugins with Plugins from the house of Google and Facebook with caution, since these, as soon as they are only embedded once in the Blog, regular users of the data collected. Also embedded in the web page Facebook, Google, or Twitter Buttons, it must be noted that user data can be collected as soon as the respective Button is clicked.
The mentioned steps are the essential part of the Changes that need to be taken in the context of the DSGVO on your own Blog, and not a substitute for traditional legal advice. Together with our DSGVO check list , but they are already well prepared.
As the DSGVO in Wordpress exactly to implement, we show on the next page.
