Any information contained in this article should be construed as legal advice and is not intended to be a substitute the appropriate legal or other professional advice in your jurisdiction.
If you collect emails or names for your newsletters, then you will likely be aware of the numerous rules around collecting names and sending emails. GDPR is one of those rules, specifically looking at how you collect and process “Personal Data”.
What is GDPR?
GDPR, or General Data Protection Regulation, is a piece of European Law which came into force in 2017. At this point, many companies had to change how they handled and received personal data from individuals living in the European Union.
What does it have to do with me?
GDPR applies if you are in the EU, or you are handling the personal data of EU Citizens.
What is Personal Data
Personal Data is defined as information which relates to an identifiable or identified individual. This captures everything from someone’s email address, to even their IP address. If it is possible to identify an individual from the information you’re looking at, it’s personal data.
What is a Controller or a Processor?
GDPR says that, depending on how you are handling someone’s Personal Data, you are either a “Controller” or a “Processor” of that Data.
(yes, there are other statuses of control, like a “Joint Controller”, but those aren’t the topic of today’s article).
The main difference between these two status’ is whether you are determining the purpose for which the data is processed, and the means by which the data is processed.
This sounds quite complicated, but in essence it is all about who is giving and receiving the instructions.
I run a newsletter, so how does this affect me?
For a newsletter, there are a number of points you want to remember:
- Minimise what data you are collecting about an individual. This is a requirement under GDPR, but also good practise. The less data you have about someone, the less risk there is about how you look after it.
- E.g. if you’re running a bookish newsletter, do you just need an email from the person signing up? Email and first name? Consider what is the need for a full firstname and surname, or name and address?
- Make sure you get consent. For most newsletters, signing up to receive newsetters means the individual is consenting for their personal data to be used for the receipt of the newsletter.
- Check what the requirements are for your newsletter distribution service, and how they consider you as the newsletter owner under data protection law. For example, Mailchimp consider the “Member” to be a Controller of the “Users” data.
I’ve put some helpful links below to some sites that might help your understanding of GDPR:
This article was first released as part of my Autumn Newsletter. If you’re not already subscribed, sign up below! You get access to my FREE fantasy short story “The Gateway of Arieum” when you sign up!
Featured Photo by Lianhao Qu on Unsplash
- How To: EndingsEndings of a story have a special place in my writerly heart. Finding the right ending to a story, especially a longer project that I’ve been working on for … More How To: Endings
- How To: Write when you’re busyIn one of my blogs last month, one of the reasons I said why writing is a Good Hobby is because you don’t need all the time in the … More How To: Write when you’re busy
- How To: A Character’s VoiceHaving a distinctive character voice for each character can help your reader understand their secret inner words. Not just through dialect, but the type of words they use and … More How To: A Character’s Voice