GDPR for authors with email lists

April 23, 2018


We tend to send our personal data all over the world, online services, newsletters, web-portals, YouTube, Facebook, Twitter… they all collect information about us; the search words we use, the sites we go to, the music we listen to, the products we buy and even our computer’s IP addresses. 





GDPR, also known as the General Data Protection Regulation is effective from May 25th. It sounds scary but in short it means that every citizen in EU has a privacy protection of their personal data.



"So, if you are an author outside of EU and you have an email list that includes European people, it means that you store their personal data, and this all considers you as well."



GDPR will apply to all companies selling to and storing personal information about citizens in Europe, including companies on other continents. So, if you are an author outside of EU and you have an email list that includes European people, it means that you store their personal data and this all considers you as well. It provides citizens of the EU and EEA with greater control over their personal data and assurances that their information is being securely protected across Europe.


If you have a CRM or an email list, means that you are collecting and storing personal data and you are obligated to assure that you will keep that personal data safe. What you need is to have a proper privacy policy on your website, you need to let every visitor know that you use cookies, and if you do have an email list or CRM, you need to be sure you have a consent from everyone in that list. And you need to have a clear opt-out possibility.

"Value your subscriber’s personal data."


Use these simple steps:

  1. Write your Privacy policy. You can find templates online or just take a look at mine and do some copy-paste. I don’t mind.

  2. Let your subscribers know that you have an adequate measures to keep their personal data safe, and that you will not sell the info to a third party.

  3. If you do have a huge email list and you are not sure how everyone has got there in the first place, send a newsletter and let them know that you value their personal data and that you will keep it safe, but if they wish to opt out at this point, there’s a chance to do so. This shows that you are not an idiot and you know what you are doing.

  4. If any of your subscribers wishes to see, change, or erase the personal data information you have on them, you need to do so. Asap. And if there is a data breach, a person must be notified within 72 hrs.

  5. Make sure when people sign up to your mailing list, they understand that it is a newsletter list, where their information goes, and how they can opt out.

  6. Put the cookie banner on your site. If you use any data collector, for example Google analytics (like you should if you wish to know how many people visit your site and on which pages), you are using cookies.


There are tons of info about this online. Just Google it. Unless you are now afraid of Google discovering all your secrets. I think all this should be obvious to every entrepreneur even without any new regulations. Don’t be a schmuck. Value your subscriber’s personal data.

Hope this little info helped you!  

PS. I am NOT a professional lawyer and this is only my vision of how it all goes. That was a disclaimer. 






Share on Facebook
Share on Twitter
Please reload

Recent Posts

April 4, 2019

March 9, 2019

February 1, 2019

Please reload

Search By Tags
Please reload