I think all of us rapidly became aware of how little we know and how complex it is becoming!
As a brief summary, GDPR is legislation that aims to protect the privacy of all EU citizens. It is a system of principles, rights and obligations which everyone who has a website needs to be familiar with.
If you have a website at all, it is very likely that you need to make some changes to it to comply with the legislation.
If you fail to comply with GDPR, you could be fined for up to 20 million euros or 4% of your yearly turnover, whichever is higher.
- Personal data must be processed lawfully, fairly and in a transparent manner in relation to the individual.
- You must be honest and open about who you are and what you are going to do with the personal data you collect.
- Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
- Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
- Personal data must be kept in a form which permits identification of individuals for no longer than is necessary for the purposes of the processing.
- Personal data must be processed in a manner that ensures appropriate security of the data, using appropriate technical or organisational measures.
You may think that this doesn’t affect you or apply to your website. But if you ever ship or sell products to the EU, or offer a digital service that’s used by EU-based customers, then it is likely that it will.
Examples of things to consider
Perhaps an even better alternative is clear pop-up notices whenever you are asking a user for personal information, explaining how this will be used and linking to further information. For example, if you collect an email address on a contact form, you might add an explicit message as to why you need this information and how you will use it, e.g. ‘to allow you to access your account and so that we may contact you with important information about any changes to your account’.
- The default for any ‘opt in’ box must be un-ticked. Individuals must actively give consent.
- If you have pages, say on a blog, where people can comment, you will need to get their explicit permission to retain (store) a connection between their comments and their identity in the form of their email address.
- If you are using analytics, there may be implications about what data you can legally collect and store.
- If you are running an e-commerce store, you will need to be clear about what information you may legally hold. This gets complicated in that most countries require that you retain a copy of all invoices for a certain length of time. So you may find you have to delete copies of orders, but retain copies of invoices for the prescribed time, with an effective process for deletion when that time expires.
There is a great deal of good information available about GDPR and how to tackle compliance. Below are some links to resources we have found useful, including information about the work WordPress is doing to help users with compliance.
Site Owner’s Guide to GDPR – a really excellent resource manual is available, whether or not you download the plugin it supports. (Codelight)
GDPR: How to write a Privacy Notice – Best Practices – very helpful article with some practical examples. (Hashed Out)
Worried about WordPress and GDPR? Start Here – a good starting point (Pagely)
GDPR Compliance Tools in WordPress – what WordPress is doing to support users with GDPR compliance. If you want to see a bit more of the background to this, you may want to look at Roadmap: tools for GDPR compliance.
Slides as presented at WordCamp Toronto, 2015
We have all created the odd WordPress site that has turned out to be fast, but how do we do this each and every time?
In this talk I explore some of the techniques and choices that will make your site feel fast and also talk about how to automate / streamline your development process so that you can do this each and every time, no matter how rushed you are.
- Understand what slows code down.
- Realise how SQL calls slow the site.
- Understand that perceived speed can be more important than real speed.
- Learn how to automate deployment.
- Discover that it’s the small items that count.
- Know what caching is, know how cache works in WordPress.
- Understand the problems that caching causes and how to work around them.
I discovered Fitts’s law back in 2011. It states that:
The farther you are and the smaller the target, the longer it takes to move the cursor and point at said target.
Tom Stafford said it best:
“Although the basic message is obvious (big things are easier to select) it is the precise mathematical characterization that is exciting, and that this characterization includes a logarithmic function – which means that the shape of the relationship between size and reaction time is curved so that small increases in size for small objects make it much easier to select them (whereas small increases in size for big objects don’t make that much difference). And the same applies for changes in target distance.”
or, in maths speak, MT = a + b log2(2A/W)
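To make the “curved relationship” in the quote above concrete, here is a short worked derivation. It is added here and is not part of the original post; it uses the standard reading of the formula, where MT is movement time, A is the distance to the target, W is the target width, and a and b are empirically fitted constants. The numbers are constructed (a = 0, b = 1 in arbitrary units) purely to compare target sizes.

$$
MT = a + b \log_2\!\left(\frac{2A}{W}\right)
\qquad\Rightarrow\qquad
\frac{\partial MT}{\partial W} = -\frac{b}{W \ln 2},
\qquad
\frac{\partial MT}{\partial A} = \frac{b}{A \ln 2}
$$

So the benefit of widening a target by a fixed amount \(\Delta W\) is roughly \(b\,\Delta W /(W \ln 2)\): inversely proportional to the current width. With \(a = 0\), \(b = 1\) and \(A = 100\):

$$
\begin{aligned}
W = 10 &: \quad MT = \log_2(20) \approx 4.32 \\
W = 20 &: \quad MT = \log_2(10) \approx 3.32 \qquad (\text{saving } \approx 1.00) \\
W = 100 &: \quad MT = \log_2(2) = 1.00 \\
W = 110 &: \quad MT = \log_2(200/110) \approx 0.86 \qquad (\text{saving } \approx 0.14)
\end{aligned}
$$

The same ten units of extra width buy about seven times more at the small target than at the large one, which is exactly the point Stafford makes. The \(\partial MT/\partial A\) term shows the mirror effect for distance: moving a target a fixed amount closer matters far more when it is already near. This is also why placing a dangerous control next to a frequently used one is a design risk: both are equally fast to reach, so nothing in the interaction itself gives the user a moment to notice the difference.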
I first came across this rule in this post, The Opposite of Fitts’ Law by Jeff Atwood:
Jeff talks about not putting the “Delete Forever” button too close to the “Save” button... just like you wouldn’t want to put the ejector seat switch next to the radio!
Here’s another good article on Fitts’s Law: Visualizing Fitts’s Law