GDPR for small business

General Data Protection Regulation changes
What you need to know before May 2018

If you have a mailing list or website that collects even simple personal data, you need to know about GDPR. But don’t worry, it’s not as scary as it sounds. I’ve broken it down into 3 main points.

(Please note: This is not official legal advice!)

What is GDPR?

General Data Protection Regulation or GDPR is all about protecting the personal data of EU citizens. Personal data is essentially any information that could potentially identify a human being! Email addresses, phone numbers, postal addresses… any information that you collect about your website visitors and mailing list subscribers means that you are responsible for it! GDPR laws have been created to protect people and make sure companies treat their info responsibly.

GDPR is a complex subject, but I’ve broken down the main points for you here so you can be ready when the new regulations come into effect in May.

Understand, Inform, Implement


If your company has a mailing list and website, you need to understand what information you are gathering about your subscribers and website visitors. You (or the person in your organisation responsible for that data) need to know exactly what information is being collected, how it is processed and what purpose it serves.

Often when people make their own website or have a developer create a website on their behalf, there can be a gap in knowledge. Website analytics and email marketing tools are often simple to get started with but have layers of complexity that aren’t obvious at first glance. With the new data protection regulations, you MUST understand what info is being retained. So if you use third-party applications, now’s the time to figure out what they are doing.


Similar to the Cookie laws that are already in place, you need to have a clear statement notifying website visitors/subscribers exactly what’s happening. The GDPR updates mean that you need to provide more information than before. Again…

  • what data is being collected
  • how it’s being processed and
  • what purpose this information serves

Also, if it happens that there’s a breach of security, you need to let everyone know within 72 hours. So if your accounts have been accessed without authorization, the people affected must be told.


So the majority of the work you need to do to prepare for GDPR will be in implementation. With the new regulations, your website visitors and subscribers have the right to access, the right to be forgotten and the right to data portability. Essentially…

  • they are allowed to access the information you have saved about them
  • they must be able to have a report with all the details
  • they are allowed to edit or delete their information

So this means you must be able to facilitate all that interaction. You might need to put systems in place for this to happen, or at least know how to do it on request.



Things to check

Be sure that you cover all your online tools. If there’s a contact form on your site or a forum with comments and member profiles, make sure you take control of how that information is handled. If you have an ecommerce site, be sure that postal addresses and other personal info are handled securely.


Explicit consent must be given when people join your mailing list. So be sure you’re using double opt-in with your email marketing tools. Hidden check boxes are not allowed anymore.

On the plus side!

I see this as an opportunity to simplify your systems and to understand more about the potential uses of the data you’re already collecting!

If you find data in your systems that you are collecting that you don’t actually need, just remove it. If you’re responsible for this information you need to be very careful, but if there’s data you don’t need, stop collecting it.

I hope you found this helpful. If you know someone who would benefit from this, please do share 🙂
