What You Need to Know about GDPR and ePublishing

As of Thursday, April 27, 2023

Many of you have been hard at work on figuring out what the heck to do about GDPR. As you know, on May 25th the European Union and U.K. are launching a data-privacy initiative that will affect how we all deal with personal data.

ePublishing is announcing a series of steps we are taking to support your GDPR needs.

First and foremost, we are in the process of becoming certified by Privacy Shield. Privacy Shield is “a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.”

Initiated by the United States and Switzerland, Privacy Shield has been adopted by the EU as a standard which meets GDPR requirements. So rest assured, when you work with ePublishing, you will be working with a certified provider in compliance with the required standards.

We have included a list of features ePublishing will provide* to make your own compliance with GDPR easier but first we need to cover some basics.

GDPR Basics

Here is an overview of what you need to consider regarding GDPR. As you know, we are not international lawyers. We're not even domestic lawyers. Heck, we aren't even closet lawyers, so please do whatever research you feel is needed to comply with GDPR.

What We are Doing to Help

  1. Warnings. If you do not already, you can add "cookie warnings" for visitors to your site.
  2. Tagging. Our User Manager has three options for tagging your records:
    Opt-in email
    Opt-in for postal mailings
    Opt-in for 3rd party mailings.
  3. Making user response easy. We can help you designate a spot on the Client Profile page template sidebar (or other location) for a medium rectangle ad (300x250) to deliver a GDPR message targeted to EU residents.  By setting your ad server to deliver a message to this space to all EU/UK visitors only, you can invite those who have questions about their data to respond. This will prevent US-located visitors (and others) from being invited to bother you with extra questions. The ad's link should take them to a Page Manager landing page, with a form that will notify you that an individual has a question or problem. This generates an email to your DPO.
  4. Making internal audits easy. If you ever need to review your data, we are adding a GDPR-focused report which will list all users within the 28 countries in the Eurozone and display their opt-in/opt-out status for all regulated points.
  5. Deleting results of cookie tracking. ePublishing is probably tracking your logged-in visitors for articles they read, what they download, etc. If you ever need to jettison the tracking history of an individual, all you need to do is delete the user manager record of that individual. The data we have recorded will become anonymous. Under GDPR, data that cannot be linked to a specific person is no longer personal data.

If you would like assistance with any of these, please contact your Project Manager. We will let you know as soon as the GDPR-focused report is rolled out in our platform, so stay tuned for updates.