One Hour to GDPR Compliance

What is GDPR?

If you have a small business card type website, don’t live in the EU, or have been on vacation for the past couple of weeks, you may have missed the buzz about General Data Protection Regulation (GDPR) compliance. If you have a website, then you want to know what GDPR is. Give us 4 minutes and we will get you up to speed.

From all the articles that I read – gave the clearest (least legalese techno jargon) explanation that I found:

“The General Data Protection Regulation (GDPR) is a set of rules designed to give EU citizens more control over how companies from all over the world are allowed to use their data. Companies must be GDPR compliant by May 25, 2018.

Under its rules, EU citizens have the right to:

  • Know exactly how their personal data is being processed
  • Get access to the personal data held about them
  • Ask for incorrect, inaccurate or incomplete personal data to be corrected
  • Request that personal data be erased when it’s no longer needed or if processing it is unlawful
  • Object to the processing of their personal data for marketing purposes
  • Request the restriction of the processing of their personal data in specific cases (e.g. they can ask that certain companies not be allowed to process their data)
  • Receive their personal data in order to send it to another business
  • Request that decisions based on automated processing concerning their personal data are made by natural persons, not only by computers.”

I have a website, but I don’t live or work in the EU, so why should I care?

According to’s well stated explanation: “No matter where you live, where your business operates, or who hosts your website, if you target, market, or do business with EU citizens, you are affected by the GDPR.”  For more information read blog posts on this topic.

I use my website as a business card. I don’t have users login or post comments. How am I collecting data?

Surprise! Google Analytics collects data from your site visitors, as do a number of plugins, especially (but not only) ones that allow for comments. If visitors post comments, log in to your site, use your site search or purchase items on your online store, you are collecting their data. You can easily test your site to see what type and how many cookies you are using with the free Attacat Cookie Audit Tool. Just open Chrome and visit Attacat‘s website. Follow the install and testing instructions and you will be able to view all the cookies on your site. Attacat also helps you write up your cookie info page. Here is the page that came from testing my site with Attacat: Create your own cookie page, and you are another step closer to compliance.
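To cross-check such an audit by hand, the following added example (not part of the original post and not Attacat's code) labels the cookies that page scripts can see. The name patterns are the commonly documented Google Analytics and WordPress ones, while the category labels and the sample string are assumptions made for this example. HttpOnly cookies never appear in document.cookie, so this supplements a browser-based audit rather than replacing it.

```javascript
// Added example: inventory cookies visible to page scripts.
// Category labels are this example's own, not an official classification.
const COOKIE_RULES = [
  { pattern: /^_ga($|_)/, source: "Google Analytics", category: "analytics" },
  { pattern: /^_gid$/, source: "Google Analytics", category: "analytics" },
  { pattern: /^_gat($|_)/, source: "Google Analytics", category: "analytics" },
  { pattern: /^comment_author(_email|_url)?_/, source: "WordPress comments", category: "personal-data" },
  { pattern: /^wp-settings-(time-)?\d+$/, source: "WordPress dashboard", category: "functional" },
];

// Split a document.cookie-style string into { name, value } pairs.
// Only the first "=" separates name from value; values may contain "=".
function parseCookieString(cookieString) {
  return cookieString
    .split(";")
    .map((part) => part.trim())
    .filter((part) => part.length > 0)
    .map((part) => {
      const eq = part.indexOf("=");
      return eq === -1
        ? { name: part, value: "" }
        : { name: part.slice(0, eq), value: part.slice(eq + 1) };
    });
}

// Label each cookie; anything unmatched is flagged for manual review
// so it can be explained on the cookie page or removed.
function auditCookies(cookieString) {
  return parseCookieString(cookieString).map(({ name }) => {
    const rule = COOKIE_RULES.find((r) => r.pattern.test(name));
    return rule
      ? { name, source: rule.source, category: rule.category }
      : { name, source: "unknown", category: "needs-review" };
  });
}

// Tally cookies per category for the summary on a cookie page.
function countByCategory(audit) {
  const counts = {};
  for (const { category } of audit) counts[category] = (counts[category] || 0) + 1;
  return counts;
}

// Constructed sample; in a browser console pass document.cookie instead.
const SAMPLE = "_ga=GA1.2.111.222; _gid=GA1.2.333.444; comment_author_email_0f1e=jane%40example.com; wp-settings-1=editor%3Dtinymce; site_theme=dark; pref=a=b";
console.table(auditCookies(SAMPLE));
```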

Create Your Privacy Policy Page

Working with WordPress? Make sure that you have the latest version, then on your dashboard click Settings > Privacy. If you do not have a privacy policy on your site, choose “create new page”; if you do, choose “Select an existing page”. WordPress will walk you through creating the page with the content that you need. You can accept their standard text and personalize it for your website's needs as you see fit. In addition, WordPress includes a link to their Privacy Policy Guide. We followed their guidelines and incorporated their suggested text on our policy page. Although we currently do not accept comments on our site, we included WordPress’ comment information to help you out. Check it out at In the cookies section, we incorporated the first two paragraphs from our cookie page (that we just created with Attacat) with a link to full details.

Last Step

Download the free plugin GDPR Cookie Consent from your dashboard under Plugins > Add New. Once it is activated, go through the settings, choosing what works best for your site. Here is where you can add a “reject” button in addition to the “accept” cookies button. When you review the “Customise Buttons” section, make sure to add the link to your Privacy Policy.

Final Review

Now check your website and review the new bar that shows the cookie statement: “This website uses cookies to improve your experience. We’ll assume you’re ok with this, but you can opt-out if you wish.” It is either in the header or footer of the site, depending on where you set it. Test the link and you are good to go.

Questions? Feel free to contact me. For more information about GDPR in Israel, click here.