Does GDPR Apply To You As A Blogger?

Now that GDPR has come in to force, it suddenly dawned on me that I may have to comply with GDPR regulations as I operate my blogging site allowing comments from the public and subscriptions to my blog. In order to find out if I needed to comply or not, I called the ICO office to gain some advice.

This is what they told me

  • If I collect information that can identify a person as a single entity, then I need to have a Privacy Policy. The Privacy Policy must be accessible on the website, but that is not enough. I have to email all subscribers and commenters telling them that the privacy policy exists and that policy should also contain a description of what I do with the data captured. This itself does not mandate whether or not I have to register a DPO with the ICO and pay the annual fee. For that further considerations need to be taken.
  • If I recommend a product that is mine or promote a product of someone else’s on my blog site, I must register and comply with GDPR. Honest and independent (i.e. you have not been paid in money or goods to review) product reviews without recommendation are exempt. Meaning your review must not steer your readers to use this product over a competing one.
  • If my posts contain the name of a person or any data that can identify them I must register and comply with GDPR, this includes mentioning names of public figureheads.
  • If commenters ask me directly for support / assistance and I engage in that transaction, I must register and comply with GDPR. However, if I respond publicly with ambiguous advice, I do not
  • If I gather data for mail shots, newsletters no matter what the content is, I must register and comply with GDPR
  • I do not need to register or comply with GDPR if a reader simply posts a comment publicly and I make no money out of that transaction
  • AD revenue made on page visit alone means I do not need to register or comply with GDPR. If I used targeted Ads then I would need to register and comply with GDPR

So, I guess this evening I will be writing a privacy policy it seems…. But at least I do not need to register with the ICO. Do you?

Hope this helps fellow bloggers out there determine their GDPR status.

Advertisements

4 thoughts on “Does GDPR Apply To You As A Blogger?

      1. I think it is determined that you are leveraging your reader database to reach out and promote a product and that in itself is seen as a way of monetizing your site. Although they were a little vague in some of the things they told me.

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.