GDPR: Do you think they will come after small sites? Thoughts?

  • Thread starter Thread starter Deleted member 1024843
  • Start date Start date
Yes it affect you. At least you should update your terms of privacy.
If you write newsletters you will need to explain for what does the user subscribes. WHO will send, WHAT is the content and Frequency.
If you use google analytics or any other tool for logging user behavior you have to add it. If you use cookie you have to describe them. If you have users below the age of 17 you don‘t have the right to track their behavior,...

Btw. without any result of law sues till now nobody can tell you how the judges will decide your possible case.
 
More steps, you need to have the ability to hand over all data if requested.
This sheds some light
https://wp-gdpr.eu

Hi this is only for word press site can you please give a free code for other sites. Secondly this tool doesn't show option for all user for prior consent.

It's my earnest request if someone has a tool preferably free that site users can use and that has all the features needed please help thanks in advance.
 
Copy/paste from cookiebot website, but it's basically what's needed. Biggest nonsense for me, that site should be usable, even when user declines cookies, it's big BS. What I think if you don't accept cookies, just leave the website, my yard my rules.

Inform your users:
Provide a clear and specific information on the cookies in use on the site, what types of data are processed, for what purpose and where in the world they are sent.

Get prior consent:
Ask for consent before setting cookies. Only strictly necessary cookies may be set prior to the reception of the consent.

Document:
Keep record of all received consents as evidence that the consent has been given.

Protect the data:
Ensure that all personal data is securely stored. Only transmit data to the EU and other adequate countries.

Give your users a true choice:
Make sure that your users have the possibility to see the cookies, select, accept and reject them. The site must function even though the user has rejected cookies.

Provide the option for your users to change their mind:
Give access for the users to see and change their choice of accepted and rejected cookies on your site. If the user so requests, you must be able to erase their data.

Alert:
In the case of a breach, alert securities and affected users within 72 hours.
Nice share!

I've seen a couple of sites having a small pop-up window asking people to accept cookies etc.

Anyone got a good plugin for that?
 
Nice share!

I've seen a couple of sites having a small pop-up window asking people to accept cookies etc.

Anyone got a good plugin for that?
You have to list all cookies which your site uses, cookiebot do that automatically, but it's free only for single language and 100 pages site. Second is GDPR Cookie Compliance by moove agency, but with this plugin you'll have to list all cokies yourself. First plugin more automation, second more manual work but it's free.
 
You have to list all cookies which your site uses, cookiebot do that automatically, but it's free only for single language and 100 pages site. Second is GDPR Cookie Compliance by moove agency, but with this plugin you'll have to list all cokies yourself. First plugin more automation, second more manual work but it's free.

Hi so I saw the site but it says in free some premium features won't be there, so if I take the free feature is it more than enough and no need to take the paid thing, also once I take free or paid features do I need to add more details in the privacy page? If yes what should I add.
 
Hi this is only for word press site can you please give a free code for other sites. Secondly this tool doesn't show option for all user for prior consent.

It's my earnest request if someone has a tool preferably free that site users can use and that has all the features needed please help thanks in advance.
That was only meant to show what is involved. Each site is different as to how they use data. You basically need to do everything yourself like writing privacy policy, terms and conditions etc. Then you are supposed to get a lawyer to check it, which obviously not everyone can afford.
 
As I had worked on that for our online shops in Germany. So for Germany I'd like to add my 2 cents:

First of all these fines, wouldn't be issued with the first misdeed. It's more likely that you will get warned and got to fix these issues in a timely manner.
Second, authorities in charge for controlling etc. are pretty understaffed. We're talking about 10 people responsible for couple 10 thousands companies in some areas.
Third - Most changes aren't real changes to pre-existing german data protection laws, media and people are running around crazed as the fines have been raised, also we had a 2 year "pre launch" phase.
Until now mostly noone cared about.

In a nutshell what have we changed for our shops:
  • Signed contracts with company that work or could be able to work with customer data we collect / store (eg hosting providers, google analytics etc)
    • Those contracts could be signed digitally, Analytics handles it that way
  • Updated privacy terms (what user related data we collect store and why)
  • Updated social sharing buttons (that had to be optin anyway long ago)
  • Reduced amount of collected customer data to a minimum to fullfill the job when possible
  • Added links & checkboxes to forms confirming the read of privacy terms and refering to them (registration, newsletter, contact form, product reviews etc.)
  • Added one click export of stored user data to customer account
  • Check if manual export of user data for admins to send to user works
  • Updated internal documents about how, why, who, about who we collect, store and work with
  • trained staff that works with that user data on privacy
  • have staff sign an agreement about non disclosure / privacy
  • some minor changes for transparency
Depending on staff size of your organization more rules may aply. Also note that some information is only to provide to authorities when asked about. But also then you have a time frame of nearly a month iirc.

Most fuss about that whole GDPR is unnecessary. We always prefered a transparent approach with anything customer related. User data from guest orders is normally deleted after 6 month of order data, or after we're not forced to keep record of customer data for tax purposes or so.
 
I think that every site will be hit sooner or later. So I would try to fix everything as soon as possible
If you dont know about it then its better not to talk about that.
Its actually for European Union , and from now they will inform you what kind of data are being collected from you.
Till date they have collected it without your information now they will take it with your information.
Its basically for those sites which are processing Visitor's data & statistics; like Facebook, Google, Yahoo etc.
If you are also collecting visitor's data from your customers then you have to abide by this policy as well.
 
If you dont know about it then its better not to talk about that.
Its actually for European Union , and from now they will inform you what kind of data are being collected from you.
Till date they have collected it without your information now they will take it with your information.
Its basically for those sites which are processing Visitor's data & statistics; like Facebook, Google, Yahoo etc.
If you are also collecting visitor's data from your customers then you have to abide by this policy as well.
So basically all sites, because all sites use analytics or similar software to track users on their website.
 
So basically all sites, because all sites use analytics or similar software to track users on their website.
Yes, basically all sites. And yes, they will go specifically after small site owners, because the large ones will comply anyway.
The key is that "they" will not be the authorities but law firms who are already rubbing their hands waiting for the 25th.
The process can be fully automated: scrape a site from within the EU, see whether it uses analytics or social share buttons, then analyse its T&C and Privacy Policy.
Within minutes you find thousands of non- compliant sites and can start to send them "helpful" mails
 
Could anyone list a sample site, I have drafted tos and privacy just need to add for social buttons and this new GDPR.
 
Yes, basically all sites. And yes, they will go specifically after small site owners, because the large ones will comply anyway.
The key is that "they" will not be the authorities but law firms who are already rubbing their hands waiting for the 25th.
The process can be fully automated: scrape a site from within the EU, see whether it uses analytics or social share buttons, then analyse its T&C and Privacy Policy.
Within minutes you find thousands of non- compliant sites and can start to send them "helpful" mails
I read London law firms a training staff for this, so they think its a goldmine. As it affects every site out there, big bucks await. Wish I'd studied law now not history lol!
 
I read London law firms a training staff for this, so they think its a goldmine. As it affects every site out there, big bucks await. Wish I'd studied law now not history lol!
lol thats kinda peak blud u get me
 
I'm thinking, instead of "hoping" the users go the extra mile and "opt-in" manually to various cookies one by one that make up the lifeline for the website, who obviously will not turn those cookies on (because no sane person would do that to themselves), isn't there a plugin that would threaten to kick the user out of the site unless they allowed those cookies?

Since I'm only just getting into running affiliate sites, I might as well give them my websites' log-in information and whatnot, because it's quite worthless without those cookies active.

EDIT: just as I was looking around on this, I stumbled upon one site like that; check out forbes.com (this is what I had in mind, but you probably won't see it when you're from outside EU...).
 
Last edited:
I'm thinking, instead of "hoping" the users go the extra mile and "opt-in" manually to various cookies one by one that make up the lifeline for the website, who obviously will not turn those cookies on (because no sane person would do that to themselves), isn't there a plugin that would threaten to kick the user out of the site unless they allowed those cookies?

Since I'm only just getting into running affiliate sites, I might as well give them my websites' log-in information and whatnot, because it's quite worthless without those cookies active.

EDIT: just as I was looking around on this, I stumbled upon one site like that; check out forbes.com (this is what I had in mind, but you probably won't see it when you're from outside EU...).
where's this idea from that you need to consent to cookies one by one? you just need a once in a lifetime consent to cookies in general and it's been like that for a couple of years already.
There's tons of WP plugins and JS code snippets to do that and you find them on practically every EU based site
 
where's this idea from that you need to consent to cookies one by one? you just need a once in a lifetime consent to cookies in general and it's been like that for a couple of years already.
There's tons of WP plugins and JS code snippets to do that and you find them on practically every EU based site
Most such plugins seem to allow users to simply ignore or decline the cookies entirely while still being able to navigate the site (and usually those cookies are being used regardless).

Now that this is being enforced (maybe, probably?), that won't cut it for me anymore.


Take the Moove Agency wordpress GDPR plugin for example. It shows an option to disable strictly neccessary cookies (it's disabled by default there)... It's basically a cookie in itself, beating the purpose of having it. To have such a mistake in it makes me question the other functions it has.
 
Last edited:
I'm not sure about session cookies, the first thing you do when you use session cookies is starting a session.
 
How come here no one can list a sample site which has adopted it in its privacy and tos and displays the consent bar once we go on it. Won't it be easier if we see a sample so we'll can draft it better.
 
I can say so much: In the casinos everyone goes crazy for it now. They will come after everyone who operates in the EU, doesnt matter if small or big. It is just a matter of time. You should be prepared and find ways to go around it, depending on your type of business, or update your website if thats your income
 
Back
Top