Where can I get legal pages for a site to conform to GDPR laws and Google's requirements for a site?

Are you sure that compliance is even necessary for the business owner?

What personally identifiable information is collected/stored on the site? Facebook and Google (because they both collect and store personally identifiable information for the purpose of building advertising profiles) definitely face compliance issues - but you (or the site owner) may not have any liability at all.

If you DO collect and store personally identifiable information from your site visitors then you probably have a much bigger problem than just modification of the Privacy Statement on that site.

All personally identifiable information must be encrypted prior to storage, and you need a way to decrypt that same information when it is retrieved from storage (i.e. your database) for any manipulation or display back to the user (either on page or via email).

Spider,

Internet marketer Armand Morin used to sell a product which generated policies and terms of service for Internet marketers. I don't know if it's still available or not - but you might try Googling "autoweblaw" - as I recall it was about $150. Not cheap, but it's better than thousands. Of course, the best solution is to talk to your own attorney who deals in Internet law.

Good luck,

Steve

I would strongly recommend you use most any other AR. TW is the worst as far as UI.

If Aweber, Getrepsone, etc. were smartphones, TW would be an old connected-to-the-wall rotary dialer.

Yes.

Outdated, difficult to use, horrible support...need I go on?

I found this which appears to provide a free account and be GDPR compliant.

https://www.iubenda.com/en/

It does say the free account has some limitations. I sent a message to find out what the difference is for free VS paid and to make 100% sure it covers GDPR.

Even if for some reason you need a paid account, it is only $27 per year. Which cheap compared to generators I found on the web.

I will update post once they respond to my message.



I also found this site that has a free GDPR generator. The problem is that I can't get it to display in English, even though there is an English option. Appears that the site is German. If you can read it, it could work for you.

https://dsgvo-muster-datenschutzerkl...tz.de/?lang=en

I found this privacy policy generated using it.

GDPR Privacy Policy - Amy Faith Photography


I also found a free GDPR template. But it is pretty confusing if you don't understand all the terminology.

https://seqlegal.com/free-legal-docu...privacy-policy

I often wonder if people in the U.S. have to be compliant. I mean. I am a U.S. company located in the U.S. if anyone visits my site they are in essence leaving whatever country they reside in and engaging in commerce or whatever at my site in the U.S. Lets face it. If I have a store here in the U.S. and someone from England is visiting I do not have to conform to their laws only the ones in my local, state, and federal jurisdiction.

al

You might want to take a second guess.

Think about it. Saying that the list will not be shared, and then sharing it or swapping it (which is basically the same thing), is pretty much the textbook definition of "bald faced lie."

Has nothing to do with GDPR and everything to do with basic honesty.

You can get a free Wordpress plugin that you can search and add WP Legal Pages within your WP Dashboard.

This is the UK Information Commissioner Office site where much of the GDPR detail can be found: https://ico.org.uk/
Also:
https://ico.org.uk/for-organisations...dpr-resources/

Note the EU (and most countries) have their own regulations

This looks like it could be helpful:
https://wordpress.org/plugins/wp-gdpr-compliance/

I also got a quote for $200 from an online lawyer in another country (from Upwork).

I'm also trying to figure out what I really have to do. I'm in US and don't overtly market outside the US, but as I'm on the internet, anyone around the world can subscribe or buy a product.

But how can EU go after a US company in the US?

You can use this free tool I created (no opt-in or jumping through hoops), just be sure to watch the video first in which I stress I AM NOT A LAWYER!

https://pages.andybrocklehurst.com/legalpagemaker


Hope that helps

Andy

How could the EU come after a US company?

While it would take more time than I have right now to confirm, if I had to guess it would be similar to international copyright laws. In theory, the US would agree to enforce GDPR for US companies dealing with the EU.

Hi all,
I sent this email to my clients, in case any of you do website work. If you notice, I copied a bit from others above (thank you very much).

Feel free to use any of my email if it helps for your clients. It doesn't look like I can post an attachment, so just do a search on: preparing-for-the-gdpr-12-steps.pdf

-------------------------------------------------------------------------------

The European Union has passed a law that is more restrictive to how you handle your subscribers' and customers' data.

I am not a lawyer, so this is NOT legal advice. It's best to check with a lawyer, ESPECIALLY if you market to Europe. As our websites are open to the internet, that means anyone in Europe can subscribe to our emails or buy one of our online products. I don't know how the EU could possibly go after us, but who knows? Perhaps better safe than sorry. While it would take more time than I have right now to confirm, if I had to guess it would be similar to international copyright laws. In theory, the US would agree to enforce GDPR for US companies dealing with the EU.

I've found some info that may help you.

1) I've attached a document we found on the internet that summarizes GDPR.

2) If you want a lawyer, I found a lawyer from Kenya on Upwork who has been very helpful and gave me the cheapest quote ($200) for one website.

https://www.upwork.com/freelancers/~012226951bd485c932

Hillary Muthomi

This is what he told me:
In your case and that of your clients, updating terms of use and privacy policy that is GDPR compliant is sufficient. You don't need to do more than that since that would regulate your web presence.

3) Here is possibly the easiest way to do it (and free). He's not a lawyer. Watch his video first he said. It's free, but you can donate to him.

https://pages.andybrocklehurst.com/legalpagemaker

4) Here is a free Wordpress plugin that probably does the same as the website above:
https://wordpress.org/plugins/wp-gdpr-compliance/

Please note that if you want us to post the docs on your website, there would be a small fee. I haven't had time yet to figure that out, but it should be minimal. The easiest/cheapest way is for you to create a page in Wordpress, then copy in the info. If you already have Terms of Use and Privacy Policy pages, then just copy in the info from legalpagemaker and you don't need to involve us!

There is a possibility that you will need to send an email to your subscribers telling them you have changed your privacy policy and terms of service. I haven't gotten that far to know if I need to do it or not. You probably have seen loads of companies emailing updated Privacy Policies. Most likely it's for GDPR.

I am NOT an expert in this, so make sure you do your own due diligence. If you don't mind, please send me anything you have found.

One more thing, by July, you will want to have a SSL Certificate. That means your website will be https and if you are currently using http you will then forward it to the https version. Google essentially will be requiring it by showing a not very nice page saying something like "this website is not secure". While I know most of your websites are secure, you will want to do this. Otherwise you will lose a lot of viewers/subscribers/buyers. You will need to purchase the SSL certificate from your domain provider. For GoDaddy, make sure you call their customer support. They often have sales. I was able to get a 50% off for 5 of my websites. Their normal price is $79. You may be able to get 30% off. Another way to get it is to call them and ask about it (but don't buy). Then you will get an email "how did we do?". Complete the quick survey. The email will give you a code that will give you probably 25% off. Then call back and buy the SSL Certificate. If you want us to do the work, I will be creating a quote.

This legal stuff is not my favorite, but sometimes we have to deal with it. In both of these situations as far as I can see we will need to.

For me, I wrote my legal pages of my website myself, so I suggest to learn that.

the matter up to you, if you have suitable experience with legals issues, so I believe that you should build it yourself.

Hi,
For the record I am not a lawyer but, as someone who lives in the UK and dealt with their strict data protection laws while working in IT for various companies including banks, just updating your Terms & conditions and Privacy policy pages is not sufficient.

I believe the parts of the regulations that will affect most small businesses will be:

All site visitors including returning visitors who previously accepted your T&C s MUST accept your new T&C's and Privacy policy.

The right to be forgotten means if someone contacts you asking to be forgotten, you have to supply them with all the data you have on them and confirm you have deleted that data or have a good reason why you cannot. That includes blog posts and comments.

The right to rectification means if they ask for something to be corrected even if only to correct their email address or a blog post you must comply and inform them you have complied.

The GDPR regulations only recommend data encryption it is not compulsory but it would be foolish
not to encrypt sensitive data such as credit card details etc.

If you are aware of a data breach e.g. a website hack or that data has been stolen you are obliged to inform ALL your registered site visitors and the relevant Data Protection agency / government department in your country.

I am sure if you put procedures in place to deal with these eventualities and keep a written record of them you will comply with the regulations.

Hopefully this article articulates the new requirements.
https://blog.aweber.com/email-market...g-debunked.htm

You can find some good "boilerplate" templates here https://termsfeed.com/ (not an affiliate link). They offer both free and paid-for versions.

There's also some good information here: https://ico.org.uk/for-organisations...egulation-gdpr

If you've already got a privacy policy, it probably just needs updating. I found the information on this site (https://www.econsultancy.com/blog/69...-with-examples) very helpful for updating mine.

You may want to contact https://www.warriorforum.com/members/jscotttalbert.html

He is a lawyer and a long time ago he had a WSO for website legal forms.

Not sure if the forms or notices cover everything you need or updated.

Worth checking into. Maybe you can even find old WSO.

Glenn

edit: here is his website and page with legal forms
https://lawyer2warrior.com/products/