GDPR Compliance Roadmap - steps taken

25th May 2018: This document lists the steps taken by This Website (www.gemstoneslist.com) in order to achieve GDPR compliance:

Read the full text of the very complicated 261-page GDPR legal document (available here: https://gdpr-info.eu/ ) DONE

Upload latest compliance roadmap (this page right here) to all websites. DONE

Update privacy policy. DONE

Update cookie policy. DONE

Provide way for visitor to view the cookies used. (Cookie-checker.com) DONE

Create and send privacy and information security tutorial to virtual assistants, training them in best practices for making sure info stays secure; make sure they have all read and signed. DONE

Deleted 10 of my websites because it would be easier to just scrap the least commercially successful projects than to make them compliant. DONE

Change YouTube embed code on all web pages that contain YouTube videos (many hundreds of articles!) and put in new code that has the 'enhanced privacy' option from YouTube selected, which uses youtube-nocookie.com. DONE

Study and implement best Adsense practices for not sending Personally Identifying Information: https://support.google.com/adsense/answer/6156630 DONE

Replace method="get" with method="form" on all websites (for example in search boxes) and in all code on backup versions of sites. DONE

Audit Google Analytics to check that PII is not being collected / passed to Google via URLs, page titles and other data dimensions. DONE

Deleted Facebook tracking pixels and custom audiences completely DONE

Delete Google Analytics properties that are superfluous. DONE

Check all Google Analytics properties to make sure no-one else has access to the data via "users" in the GA control panel. DONE

Add recommended code to all analytics.js and gtag.js code blocks in order to anonymize IPs in Google Analytics, as per:
UPDATE: IP anonymization is now enabled by default in Google Analytics 4. DONE

Update all Aweber forms to clarify what is being consented to and give clear instructions on how to opt out either using unsubscribe link or manual request. DONE

Update Hello Bar to clarify what is being consented to and give clear instructions on how to opt out either using unsubscribe link or manual request. DONE

Implement a GDPR compliant way to ensure that Adsense does not track users / remove ad personalization possibilities. IN PROGRESS - WAITING FOR ANSWERS FROM GOOGLE ON HOW TO DO THIS. Commentary here https://pagefair.com/blog/2018/googles-nonpersonal-ads/

Remove Facebook "like" plugin from all pages (or make compliant with non-tracking?) ("If you embed a Facebook like button and Facebook loads their scripts into YOUR site then it is YOUR responsibility to make sure Facebook is compliant with the law.") (wow) https://news.ycombinator.com/item?id=16792441. IN PROGRESS
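A way to re-check the embed, search-form and Facebook plugin items above across a set of pages, as an added example that is not this site's own code. The names `EmbedAudit`, `audit`, `use_nocookie` and `SAMPLE` are assumptions made for the illustration, and the sample markup is constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

YOUTUBE_COOKIE_HOSTS = {"youtube.com", "www.youtube.com"}
FACEBOOK_HOSTS = {"facebook.com", "www.facebook.com", "connect.facebook.net"}

class EmbedAudit(HTMLParser):
    """Collects (line, issue) findings for one HTML document."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        line = self.getpos()[0]
        if tag in ("iframe", "script"):
            src = a.get("src", "")
            host = (urlparse(src).hostname or "").lower()
            if tag == "iframe" and host in YOUTUBE_COOKIE_HOSTS and "/embed/" in src:
                self.findings.append((line, "youtube-embed-with-cookies"))
            elif host in FACEBOOK_HOSTS:
                self.findings.append((line, "facebook-plugin"))
        elif tag == "form":
            # HTML treats a missing or unrecognised method value as GET,
            # so the submitted fields end up in the URL.
            if a.get("method", "").strip().lower() not in ("post", "dialog"):
                self.findings.append((line, "form-submits-via-get"))

def audit(html):
    parser = EmbedAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

def use_nocookie(html):
    """Point YouTube embed URLs at the privacy-enhanced host."""
    return re.sub(r"(?i)//(?:www\.)?youtube\.com(/embed/)",
                  r"//www.youtube-nocookie.com\1", html)

# Constructed sample page; VIDEO_ID is a placeholder.
SAMPLE = """<form action="/search" method="get"><input name="q"></form>
<iframe src="https://www.youtube.com/embed/VIDEO_ID"></iframe>
<iframe src="https://www.youtube-nocookie.com/embed/VIDEO_ID"></iframe>
<script src="https://connect.facebook.net/en_US/sdk.js"></script>
<form action="/subscribe" method="post"><input name="email"></form>
"""
```

Running `audit` over each page before and after `use_nocookie` shows which findings the rewrite clears and which (forms, Facebook plugins) still need a manual change.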


© gemstoneslist.com 2018