Nar weighs in on gdpr and what it means to you! 6 gases

Let me make this perfectly clear as per the attorneys- the GDPR is able to enforce this regulation because they are not saying United States websites have to obey. Instead, they are saying that YOU have to obey no matter where your website or company is located IF you get any EU citizens that visit your website.

Then Jerry Newman asked about it again and I answered in great detail. I read all the comments and discovered most agents don’t have a clue about GDPR and really don’t even care. I wish I could "not care" too. Unfortunately, there are always unintended consequences from regulations.

But even worse, I visited a lot of the websites of those agents in the comments to discover 90% of them are not even FTC compliant! You have to be FTC compliant no matter who you are if you have a website in the United States. I will cover more of this another day.

Also, on most of the websites I visited, they were not even compliant for California resident regulations. There are two laws passed in California that contain regulations that must be on websites from owners in California or for websites outside of California but have traffic from California going to it.

If you have a website here in the United States and maybe you live and work in Kansas. You are highly unlikely going to get website traffic from the EU unless you live in a town in Kansas that shares the same name as a town in the EU. In this case, you may simply BLOCK all traffic from the EU and their participating countries.

The main change is that the GDPR is changing the internet from being an "OPT OUT" system to an "OPT IN" system. We think of people who visit our website as visitors and we don’t have an obligation to a visitor until they Opt In to listing alerts or leaving a review or a comment, or signing up for your newsletter. But GDPR covers ALL personal data which includes the IP address!! The IP address alone is considered personal data.

IF you are using Google Analytics,Market Leader, WordPress contact forms, plugins that can see or use data, CRM cookies, etc…. if you have any of this on your website – you are now being held accountable for each IP address from the EU and their joining countries. So if you think that by having a secure website because you have SSL, that is not good enough.

The way we have always used the internet was that when we visit a website it is assumed we will be tracked, cookied, etc and that we have a privacy policy in place. But this new regulation does away with the assumption and implied consent. Now you must let people know as soon as they land on your website how you are using their data. They need to expressly give you permission to do so by clicking a button or something like that on your website.

You must be able to comply with the part of the rule that talks about the "Right to be Forgotten". You must remove all of their data through anything, your email list, your IDX list, your vendors, your paperwork, your docusign documents, etc.

• The "right to be forgotten," which allows EU residents to ask that their personal data be removed from online depositories. This means you need to know how to locate data you store about web visitors and customers – including passively collected data like cookies and IP addresses used for analytics – and how to delete it.

This is such a pain in the butt, and there are soooo many confused bloggers and people out there (as well as conflicting info). I agree w/ Bill’s comment, but while I find this ultra annoying, I’m doing my best to adapt. I listened to Amy Porterfield’s webinar last week and I have to say it was the clearest thing I seen out there.

This week is implementation week for me. Last week I deleted EU/unknown contacts (I haven’t been using my email list for a year and a half anyway – long story), so that wasn’t a loss. Trying to adapt all my email list/opt-in forms/lead magnets. Tried to do yesterday and ran into some technical issues, but hopefully I will get this figured out by Sunday as I need to move on and work on other business items. Oh, and the privacy policy.

There’s also something w/ GA that I think may need to be done. Not sure what it is. It pops up every time I’m in GA, so need to figure that out, too. Or, if you know what I should do within GA, let me know. (obviosly I need to include within Privacy policy). May 16, 2018 04:47 AM