Any information contained in this article should be construed as legal advice and is not intended to be a substitute the appropriate legal or other professional advice in your jurisdiction.
If you collect emails or names for your newsletters, then you will likely be aware of the numerous rules around collecting names and sending emails. GDPR is one of those rules, specifically looking at how you collect and process “Personal Data”.
What is GDPR?
GDPR, or General Data Protection Regulation, is a piece of European Law which came into force in 2017. At this point, many companies had to change how they handled and received personal data from individuals living in the European Union.
What does it have to do with me?
GDPR applies if you are in the EU, or you are handling the personal data of EU Citizens.
What is Personal Data
Personal Data is defined as information which relates to an identifiable or identified individual. This captures everything from someone’s email address, to even their IP address. If it is possible to identify an individual from the information you’re looking at, it’s personal data.
What is a Controller or a Processor?
GDPR says that, depending on how you are handling someone’s Personal Data, you are either a “Controller” or a “Processor” of that Data.
(yes, there are other statuses of control, like a “Joint Controller”, but those aren’t the topic of today’s article).
The main difference between these two status’ is whether you are determining the purpose for which the data is processed, and the means by which the data is processed.
This sounds quite complicated, but in essence it is all about who is giving and receiving the instructions.
I run a newsletter, so how does this affect me?
For a newsletter, there are a number of points you want to remember:
- Minimise what data you are collecting about an individual. This is a requirement under GDPR, but also good practise. The less data you have about someone, the less risk there is about how you look after it.
- E.g. if you’re running a bookish newsletter, do you just need an email from the person signing up? Email and first name? Consider what is the need for a full firstname and surname, or name and address?
- Make sure you get consent. For most newsletters, signing up to receive newsetters means the individual is consenting for their personal data to be used for the receipt of the newsletter.
- Check what the requirements are for your newsletter distribution service, and how they consider you as the newsletter owner under data protection law. For example, Mailchimp consider the “Member” to be a Controller of the “Users” data.
I’ve put some helpful links below to some sites that might help your understanding of GDPR:
This article was first released as part of my Autumn Newsletter. If you’re not already subscribed, sign up below! You get access to my FREE fantasy short story “The Gateway of Arieum” when you sign up!
Featured Photo by Lianhao Qu on Unsplash
- How To: Power and PoliticsIdentifying how power works in your world is important because, let’s be honest, power is what drives society. Who has it, who doesn’t have it, and what those in … More How To: Power and Politics
- How To: Writing the AntagonistSo why are antagonists important? I think every writer ponders this question at some point during their creative project. I personally find myself pondering this during the editing stage, … More How To: Writing the Antagonist
- How To: Writing GoalsWhat is a writing goal? Have you set writing goals for yourself before, but never been able to stick to them? Writing goals each serve a different purpose in … More How To: Writing Goals