I don’t know about but I have received endless emails from big companies informing me of their privacy policies in the past few weeks to the point where I feel tempted to delete them the moment they hit my inbox. I have resisted this temptation and so should you. Today, however, I want to talk to you about GDPR for authors. Before I start, I want to say that “Yes I am a lawyer by training” but no, I am not a practising lawyer at this point and I have no specialist knowledge in that field. However, I know where to find information and interpret it. And in this blog post, I want to debunk some of the myths around the GDPR. And there are a lot of them.

Myth nb 1: GPDR does not apply to me because I do not live in the EU

Contrary to popular belief, GPDR applies automatically to you from the moment you engage with a client or prospect that lives in the EU. It only applies to their own data but you would probably be wiser to make it compliant for all your contacts to save you the pain of having to identify who is in the EU and who isn’t. They don’t just have to be your clients though, or contacts, they could be complete strangers that visit your website. The fact that your website is live on the internet means you need to cater for the EU citizens that might come and visit it. The good news is, that as an author and small business owner, the GPDR is not as bad as what most people say AND the authorities have no intent to smack small business owners for small faults they might make. What they require of you is that you make the best effort you can to be compliant. You mustn’t bury your head in the sand though. You need to show that you are working towards compliance. So please do.

Myth nb 2: GDPR will kill my mailing list

That is another myth that needs debunking. If you have an existing list that people have signed up for through a provided like Mailchimp or InfusionSoft, you are half way there. There is work you need to do but it does not mean you will lose all of the people on your list. Consent is only one of the lawful grounds to process your clients and prospects data. It is not the only one. I am not going to go too much into detail about the other grounds as I still have to do my research on it but there is another ground that could serve you well called legitimate interest. And it is in every author and business owner’s interest to process the data of their clients and leads and send them newsletters to keep in touch. Marketing is a legitimate interest for you. Isn’t that a big relief? So no, the EU is not after killing businesses. The intent of the GPDR is to give more power to customers to manage their own data. It is no longer going to be OK to share data with their parties, even with their consent. Personally, I welcome this wholeheartedly. Also, this can be an incredible opportunity to re-engage your list, so look at it as an opportunity rather than a curse. I have shared below the link to the email I sent this morning to my mailing list to re-engage them and the response has been heart warming.

Myth nb 3: I need to obtain consent from all my newsletter subscribers and if I don’t, I will lose them

Again this is not true. If the way you have collected data from your clients and prospects is GDPR compliant, and it could already be, you have nothing to fear. You might not even need to ask them to sign up again, so check out the conditions of compliance and do your homework. The lawyer whose advice I sought indicated rightly that small business owners such as authors, are not likely to have been GDPR compliant but that doesn’t mean that none of us are. Of course, for future prospects, it is better to be compliant right away. But as with any legislation, there is a range of  provisions that you could take to comply and the EU understands that smaller businesses do not have the capacity to manage data the way big companies do. So big companies would be well advised to err on the side of caution (which is why you have received all those annoying emails) but you, on the other hand, might be safe to take a bigger risk. I need to add, however, that a bigger risk does not mean burying your head in the sand and ignoring the GDPR.

Myth nb 4: If I bundle the consent I get from my leads, I save myself some time and effort

One of the things that the GPDR does is to make sure that customers are informed ahead of time of what they sign up for. It aims at increasing transparency. That is also the reason why you need now to have a privacy policy (whether you have a website or not) and to let your clients and prospects know that it is available for them to check at any time. But I will say, you also need to have terms of service and a proper disclaimer. I know it can feel like legal matters are invading your life and spoiling the fun but having clear terms of service, a privacy policy and a disclaimer protects both you and your client. Managing expectations and clear boundaries are very important in business. And I expect you as an author to behave like a pro. This means taking care of your legals. You can check mine here, but don’t copy and paste them onto your website and be aware that as of the date of this blog post (21st of May) my privacy policy is not yet compliant with GDPR – it is getting there but not quite there if that makes sense so don’t copy and paste it). Your business might look very different than mine. By all means inspire yourself from mine but check the legalities of where you live and of your own profession. It does not necessarily mean hiring a lawyer but at some point, you should consider it.

Myth nb 5: I don’t need to worry about other information I collect directly from persons I meet

The GDPR applies to all information you collect and process, not just the online thing. So if you enter information about your clients in a spreadsheet, or type up the notes from your sessions, that information will be considered data that needs protection under the GPDR. If you have a spreadsheet with hot leads that contain names, professional, and generally demographics attached to your target market, make sure you comply with your local law with regards to data processing and also the GPDR.

I hope you found my blog about the five myths of GPDR helpful.

Remember however that you only have until the 25th of May to become compliant. After that, if you process data in violation of the GPDR, you are liable to fines. And believe me, if your clients love you and would not dream of suing you for that, your competitors might. So do yourself a favour and work on that GPDR compliance, ok? It is time well invested. I have recently joined an affiliate programme for the work of an English solicitor with extensive experience on data protection and the GDPR. She offers a free check list to work towards compliance with GDPR, click here to sign up for her list.

If you know you want to purchase her pack, click here.

If you would like to get inspiration from the re-engagement I sent to my mailing list this morning, click here. Please note that this email is not enough. The fresh consent needs to be obtained on the back end with all the right tick boxes, etc. Sign up for Susanne Dibble’s free check list above.

To your writing,

(c) Ange de Lumiere 2018

  • Evernote
  • Gmail
  • Delicious
  • LinkedIn
  • Buffer
  • Digg
  • reddit
  • StumbleUpon
  • Tumblr
Share This