When the GDPR went into effect a few weeks ago, we scrambled to find out what we had to do to be compliant.  Thankfully, I have been a longtime reader of Elaine Rue over at Lady Boss Blogger.  Of course she immediately had an informative blog post that outlined everything in an easy to understand language.   I am reposting (with permission) her post.

If you haven’t had the chance to check out her blog, RUN over and do so.  It’s completely dedicated to female entrepreneurs and brands (two of my favorite things).  I touched on it above, but the content is easy to read and she has a way of writing that gets right to the point and is easy to follow.  It’s inspirational and touches on a ton of topics that are directly related to running a brand and business!

GDPR Requirements for Photographers

What is GDPR?

It stands for General Data Protection Regulation and it went into effect May 25, 2018.

If you’re a blogger that collects or could potentially collect information from people living in the European Union, then you need to put more privacy settings in place.

It doesn’t matter if your main audience isn’t from the EU, if you have a form on your website that lets people opt into your email list, you need to follow these legally binding new rules because your blog is on the world wide web and available to everyone.

Disclaimer: Elaine Rau founder of LadyBossBlogger cannot be held liable for anything you do. I am NOT a lawyer or a GDPR expert, nor do I pretend to be one on the internet. The following is simply a summary of my findings on the subject. Consult with an attorney for your business for proper legal advice.

First off, DON’T PANIC

These new laws are simply making us better bloggers and marketers to ensure that the people we are emailing want to be on our email list. That’s it!

The biggest thing is don’t freak out. Simply educate yourself. Keep to clean (not shady) email list building strategies and you’ll be totally fine.

What You Need To Do To Become GDPR Compliant

Enable GDPR compliant opt-in forms. Your email service provider should have new forms available for you, if they don’t, you need to change email providers.

Make sure you don’t have anyone on your list from the EU that doesn’t want to be on there or who hasn’t given you their consent to get your emails.

How To Enable GDPR Compliant Forms On Your Blog

I use ConvertKit as my email provider. If you don’t use ConvertKit yet, I would highly recommend them. They are the #1 email service provider for bloggers.

In general, regardless of your email service provider, the new opt-in forms should be in your settings.

Here is how to adjust your settings in ConvertKit.

Click on your profile picture in the top right hand corner
Go to Account Settings
Select the second or third choice

Elaine Rau Privacy Policy GDPR LadyBossBlogger.com

The new subscriber forms that ConvertKit is coming out with will have more options for opt-ins. This allows new subscribers to make the choice to either only receive your freebie or to also be added to your newsletter list.

Bloggers often design forms with freebies to entice people to sign up, then they send more emails to them in regards to their own blog posts, products and services. This is now illegal to do to people living in the EU… IF your form doesn’t explicitly state that they are also agreeing to subscribe to your newsletter.

While it is still ok to do this in the US, Australia and most other parts of the world, it’s good to give your readers a choice on what kind of communication they will receive from you.

Twig & Olive uses Mail Chimp.  Their settings are similar.

What To Do With Old Non-GDPR Compliant Forms?

You will have to go in and change what your current forms and landing pages say in order to be GDPR compliant.

It would be good to turn on the double opt-in option on your forms. What a double opt-in can do if you do get audited is demonstrate that you got their permission and clear consent to send them emails.

You do this in ConvertKit by going to Forms -> Settings -> Incentive Email -> Click Double Opt In.

Elaine Rau Privacy Policy GDPR LadyBossBlogger.com

You can also add link triggers to the incentive email they get asking if they would like to continue receiving emails from you which they will agree to if they download the freebie.

If you have a form where it’s clear that they are signing up for your newsletter, like the one below, you’re totally fine because they are expecting to receive more emails from you.


Once again, PLEASE don’t worry.

The Information Commissioner’s Office (ICO) has made it clear that they aren’t interested in handing out fines, although they have the power to do so. They are more interested in making sure that your information is being shared with people who want to receive it.

In general, that is simply good marketing.

We are going to continue to see more laws set in place to keep malpractices at bay, so get used to seeing stuff like this if you want to be a blogger and stay in business!

How To Write A Privacy Policy?

Reference Elaina’s here or find a lawyer to help you write one according to the specifications of your business.

If you found this post useful, share it with all your blogger friends to make sure we all stay GDPR compliant!

If you have any questions about GDPR, feel free to reach out to Elaina at [email protected], and she would be glad to answer any questions you may have!

Much Love,

<3 Elaine Rau