GDPR and Blogging – Steps You Should Follow

As we have already learned, the GDPR affects everybody with a presence on the internet, and bloggers are no exception. Even though it sounds distant from the work and everyday life of a lifestyle blogger who describes his/her days and gives cooking, parenting, or beauty advice, some of these bloggers need to become compliant with the GDPR.

Who has to get compliant with GDPR?

  1. You live in the EU/EEA.
  2. You have subscribers from the EU/EEA (even just one).
  3. You collect data about your readers/subscribers. In the case of blogging, this consists mainly of the email addresses and IP addresses of readers. Both are considered personal data under the GDPR.

If any of these applies to you, your blog needs to be compliant with the GDPR.

Why do I need to get compliant with the GDPR?

Besides the reasons stated above, the aims of the GDPR are much bigger and more philanthropic. Its main goal is simply to protect consumer data (the personal information of data subjects, such as a name, email address, home address, IP address, personal identification code, or telephone number) from being misused by anyone collecting it.

What are the specific measures each blogger should undertake?

  1. Start (if you haven’t already) telling your subscribers what they should expect from signing up for your email list (newsletter).
  2. Don’t share users’ personal data with any third parties. An example would be hosting a giveaway and then sharing the winner’s email address with the brand sponsoring it.
  3. Definitely stop incorporating auto opt-in forms.
  4. Don’t add subscribers to the email list without their consent.
  5. Sharing personal information is a two-way street, meaning that sharing any contacts from the brands you are writing about is also forbidden without the express consent of the contact person.

How to get GDPR compliant?

  1. Make a list of all the apps, software and plugins with which you currently collect personal information about your readers or followers. The most common case for bloggers is through the email client and the comments software. Still, it’s better to go through all of the possible apps, software, and plugins to make sure each tool is in compliance with the GDPR.
  2. A cookie warning should be in place if you are using cookies on your blog. This could be the little pop-up that a reader has to dismiss, agree with, or click ‘OK’. Cookies include Facebook Pixel and Google Analytics tracking, so your website is probably using cookies.
  3. All of your email list subscribers should be promptly informed about:
  • The information that is being stored and the purposes it will be used for.
  • Getting the subscriber’s active consent to receiving this information, either by having a checkbox, a clear notice that their email addresses will be added to your list, or a double opt-in.

Most email marketing software already implements such features, so all you will have to do is choose the correct setting. For example:

  1. Update the privacy policy. The privacy policy should be as explanatory and transparent as possible, and should describe the data that is being collected from readers and which third-party vendors have access to it. In most bloggers’ cases, this will mainly involve explanations about the email list, the software in use, the purpose of the email list, and a note saying that subscribers can unsubscribe at any time!


Despite the extra administrative work that a blogger should go through in order to get compliant with the GDPR, the regulation should be seen as an opportunity rather than a burden. Some bloggers may get compliant with the GDPR because this is the law, and some may get compliant to show transparency and care for the reader’s personal data.
