Data Protection Regulations 2021: Blog

Data Protection

A note on our behalf: Although our data protection officer has checked this article, we do not want to and are not allowed to give you any binding legal information here. Get together with data protection professional to be on the safe side regarding data protection law!

Everyone who operates a website and uses it to collect visitor data is obliged to protect data. In addition to the general GDPR aspects such as data protection declaration and legal notice, there are a few other points that you should pay attention to, especially on the subject of blogs. Read here what these are and why they are so important.

Necessary for data protection in the blog: Imprint and data protection declaration

Imprint and data protection declaration should not be missing on any website because they anchor in the General Data Protection Regulation (GDPR) and the Telemedia Act (TMG).

Data protection

Articles 12 and 13 of the GDPR refer data protection officers to their information obligations. You are obliged to explain to the visitors of your website clearly and understandably:

• The legal basis on which the personal data process
• for what purpose you collect data
• who receives the data
• how long you store data
• what rights data subjects have
• Who can contact data subjects or who is responsible for data protection

The data protection declaration of your blog should be structured and dispense with unnecessarily complicated legal language—keyword: clear and understandable.

Imprint

All website operators who do not operate their site purely for private purposes are obliged to use the legal notice. Means: As soon as you offer products or services or publish journalistic-editorial content, create an imprint. At least this information belongs there, which can be expanded by a few points depending on the industry:

• Name, address and contact options (phone and email) of the website operator
• Representative of your company
• Legal form (GmbH, AG, GbR, …)
• Register or register number
• VAT identification number

Data protection declaration and imprint must be easily accessible. It does not matter whether users are currently on your blog or your “About Us” page: they should find this information with one click. It works best by linking the privacy policy and legal notice in the footer menu at the end of the website.

Privacy for anyone who leaves a comment on your blog

Data protection in the blog must also be taken into account when using the comment function. If you allow users to participate in discussions about your blog post via a comment function, you must also pay attention to data protection here. Before you publish your comment, tell the user what data they are sending you (usually your email address and name). In the published comment itself, the email address should not be visible to everyone.

What tools do you use?

With the introduction of the ‘GDPR’, internet users have the right to determine the processing of their data themselves. All personal data that arise when you visit a website may no longer be collected. Therefore, your data protection declaration must contain an up-to-date list of all tools and third-party providers that collect data.

In addition, users must explicitly consent to the collection of their data. It is the reason why you first have to click your way through the cookie consent on every website. Of course, this also applies to data protection in the blog.

Use Google Analytics here; for example, to understand how the visitors found your blog, this must be recorded in the data protection declaration – and you must obtain their consent. By the way, you specifically need this consent for all cookies and tools that

• Analyze user behaviour,
• Create user statistics,
• Create user profiles,
• and forward data to third-party providers.

The consent must not be preselected.

Ensure privacy on your blog with SSL

SSL encryption, also known as the HTTPS protocol, encrypts all data entered on the website. They can then no longer be readout. In addition to the pure security factor: This data protection in the blog improves your ranking in search engines!

When assessing your pages, Google also takes their trustworthiness into account. And with secure SSL encryption, there is then a small push in the ranking.

Do you offer lead magnets? Then also, pay attention to data protection here.

A blog is worthwhile for several reasons: Search engine optimization of the website, increasing the trust of potential customers and generating leads. For the latter, you should offer free downloads that get prospects into your email funnel. And this is also an important factor in designing your blog in compliance with data protection regulations.

The same applies here: data may only be used further with express consent. The email addresses and names of the interested parties who have downloaded your lead magnet cannot simply be saved and added to your email distribution list. The so-called double opt-in has been used as confirmation proves.

After requesting the download, interested parties first receive an email with a confirmation link. Only when you click on it is an entry in the mailing list – and there is the corresponding lead magnet.

With the help of the double-opt-in process, you can also easily prove when you collected which data – and that you have your consent!

Data protection is also part of the blog.

Have you checked these items off? Then you can assume that your blog is data protection compliant and does not violate the users’ rights. The same applies here in all other areas of your website: All integrated services and click options must not access data without consent.

If you are unsure whether you fully meet the requirements and have not forgotten any tool or plug-in, you should contact a data protection professional.

Read More: Content Marketing