What’s the Deal With GDPR Compliance?

How Data Protection Affects You

GDPR, or General Data Protection Regulation, is a regulation from the European Union that helps protect web users’ data.  Wait, I know, I know.  Before you say it: You are in the United States!  But before you hit ‘delete’ calling this irrelevant, let me explain how it affects you.

If you collect names, IP addresses, session cookies, or e-mail addresses (which most websites do), you collect personal data. This personal data should be protected, right?  True.  But starting May 25th, some US websites were also required to abide by new European website privacy laws.  Of course my head was spinning trying to understand why we should be required to follow European laws.  So I did some research.

After digging deeper, this law will apply if you market (even by accident) to the EU (European Union) or a country within.  Business owners with no market share in the EU, who don’t target the EU in marketing, and don’t own an overseas domain name, have little to no required changes to make.  Or do you?

For those that might be (even inadvertently) marketing to Europeans, and those wanting to tighten your own privacy reigns, let’s take a look at their laws.  The theme is this: Be more transparent with your potential clients.  We can all learn about transparency and protecting our clients’ data!  So here are the highlights behind this regulation.

  1. Explain who you are, how long you’re keeping user data, why you need it, and who on your team or externally has access to it
  2. Get explicit and clear consent to collect data through an opt-in
  3. Give users access to their own data, the ability to download it, and to delete it from your records completely
  4. In the event of a hack or security breach, let your users know about it

So these aren’t too bad.  But the fines for not complying are!  “You could get fined 2% of your worldwide annual revenue for failing to disclose a data breach, or up to 4% for failing to ask for user consent when storing data.”1

What should I do?

Perhaps you don’t market to the EU and don’t service these clients.  It’s probably a good idea, however, to have an easy-to-read privacy policy and explanation on how you use personal data.  Get to know what personal data you actually collect, and make sure it’s being handled with care.  Lastly, (this will also improve your Google ranking) get an SSL to protect personal data in transit from your server to your customers.

If you sell or market to Europe (or the EU), now is the time to pony up and get that privacy policy written.  Get a clear statement on how you handle cookies and personal information.  Check out these easy-to-read articles by Elegant Themes here and here.  Also, you can check out this article by Fortune and this one by Forbes.

If you need help with compliance, we’d be glad to offer suggestions or setup your pop-up!

1 https://www.elegantthemes.com/blog/resources/a-quick-guide-to-data-protection-regulations

 

Get More Web Traffic

What You Need to Know

Is your website traffic flat? Or worse, declined?

 

You keep waiting for that search engine optimization (SEO) you just added to start working, but so far, nothing! You might have been even promised results and you’re left shaking your head.

 

Here Are 4 Ways to Increase Web Traffic

 

1. You Really Do Need SEO Setup

This is an ever-evolving animal. Google (and others) have a revolving algorithm that determines who gets put on top of the search results. Pick a very specific keyword for each page and post. That’s how you will get put to the top the fastest! Having a unique keyword will make you stand out.

If what you have isn’t working, try another word. Here’s a resource to check your key words. My go to plugin for SEO is Yoast SEO. This article will give you much more info on SEO and Keywords.

2. Use Google Search Console

Google Search Console is free and will help you find words to use for SEO; it will also show you what people were searching for to find your site and the number of hits you’ve had. You just have to have a Google account to make a search console.

3. Be Verified on Google My Business

“Local Search” is your new best friend, so be on Google My Business. There are ways that search engines will point users to local establishments when you are 1. closest AND 2. meet the search criteria. So when someone types “mens jewelry wilmington nc” into a local search, they will only see businesses that have “mens jewelry” as keywords closest to the center of Wilmington, NC.

To make sure you are verified, sign up for Google My Business here. Fill in as much info as you can, but most importantly your local address, business phone and website. Then be sure to have your business verified, usually by mail.

Then sit back and watch your business pop up in Google Maps searches! You can even download the Google Business App.

4. Stand Out From The Crowd

Whenever you notice your competition is not doing something that you know is popular, do it! For example: Your competition isn’t making videos. Video is so popular right now! So make some videos. Don’t be afraid, either. They never start out the best, but over time, you’ll get the hang of it.

 

One Step at a Time

 

There’s always more we can do to improve our SEO! Don’t let some email or marketer tell you they have the secret to getting you to the top of the search results. There IS NO secret!

If there’s anything I can do to clarify or help you wade through the SEO soup, please reach out. I’m happy to help or point you in the right direction.

WordPress Security Announcement

w-logo-blue

Attention WordPress Users!

A recent post from WordPress has addressed some security concerns.  Make sure to update your plugins and WP version to the latest.  If you don’t know how, just ask your web designer.

Here is the article they posted on their site HERE.

WordPress 4.1.2 is now available (4-21-15)

This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Cedric Van Bockhaven and fixed by Gary Pendergast, Mike Adams, and Andrew Nacin of the WordPress security team.

We also fixed three other security issues:

  • In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded. Discovered by Michael Kapfer and Sebastian Kraemer of HSASec.
  • In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack. Discovered by Jakub Zoczek.
  • Some plugins were vulnerable to an SQL injection vulnerability. Discovered by Ben Bidner of the WordPress security team.

We also made four hardening changes, discovered by J.D. Grimes, Divyesh Prajapati, Allan Collins, Marc-Alexandre Montpas and Jeff Bowen.

We appreciated the responsible disclosure of these issues directly to our security team. For more information, see the release notes or consult the list of changes.

Download WordPress 4.1.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.1.2.

Thanks to everyone who contributed to 4.1.2: Allan Collins, Alex Concha, Andrew Nacin, Andrew Ozz, Ben Bidner, Boone Gorges, Dion Hulse, Dominik Schilling, Drew Jaynes, Gary Pendergast, Helen Hou-Sandí, John Blackbourn, and Mike Adams.

A number of plugins also released security fixes yesterday. Keep everything updated to stay secure. If you’re a plugin author, please read this post to confirm that your plugin is not affected by the same issue. Thank you to all of the plugin authors who worked closely with our security team to ensure a coordinated response.

Already testing WordPress 4.2? The third release candidate is now available (zip) and it contains these fixes. For more on 4.2, see the RC 1 announcement post.