We talked about GDPR, or the General Data Protection Regulation, in a our last LEADman post. Many businesses outside of Europe wrongly assume that GDPR doesn’t apply to them. Enforceable since May 25th, 2018, non-compliant businesses can be subject to significant financial penalties of up to €20 million, or 4% of the worldwide annual revenue of a company’s previous financial year, whichever is greater, under the regulation.
What is GDPR? and how does LEADman help me comply with it?
The General Data Protection Regulation (GDPR) is an EU regulation that protects the privacy of all individuals within the European Union, it increases the obligations that organisations, who collect or process that personal data, have. It’s goal is to give individuals control over their own personal data.
LEADman's goal from the outset has been to give your business a GDPR compliant way to collect leads and contacts.
I'm not based in Europe, does GDPR apply to me?
There's no easy way to break this to you gently, regardless of where in the world your company is based, or how many employees you have, or how much money your company makes, if you collect, store, or process data on European citizens, then the GDPR applies to you.
What does the GDPR class as personal data?
Anything from a name, phone number, email address, photo, or even the user's computer IP address etc, in-fact anything that can directly or indirectly identify a person is personal data.
How does LEADman help make my Joomla site GDPR compliant?
You can read the full text of the GDPR here https://gdpr-info.eu/.
In this post we'll cover how LEADman helps with the main concepts, which fall into four categories. We've got a handy mnemonic to help you remember them, "Captain Data Forgot the Phasers!"
Consent
The ship always needs consent from the captain, in this case the contact is the captain. Before you collect any data, from individuals in Europe, you need to obtain consent from the individual. Consent must be in an "opt-in" format rather than an "opt-out" one.
For instance, if you have a contact form on your website that asks for someone's name, email address or phone number, you then also need a way for that user to give consent for you to store and use their information. This is usually in the form of a checkbox (as a required field) that has a short consent description and/or a link to a privacy policy page. The user has to check the box, so you can't load a form with a pre-filled checkbox, that would make it opt-out consent.
LEADman's consent checkbox on your lead generation forms, and the more recently added contact form, already gives you the ability to display opt-in forms.
Data access and portability
The data access and portability concept of GDPR states that individuals should be able to request access to their data at any time. This means that you need to be able to show an individual all of the personal data that you have on them, should they ask for it. You should also provide them with a way to request changes to their data. Portability means that individuals should have the ability to download their data to take the data to another provider, or simply to have for their own records.
One of LEADman 1.2's major new features, the contact profile, addresses access to data. This makes LEADman the very first Joomla extension that can allow your contacts to view and manage their data without the need to create an account on your website. The contact can request a time-limited unique url that will give them access to a page on your Joomla website with the data that you collected from them.
The right to be forgotten
An individual's "right to be forgotten" means they should be able to have all of their personal data completely deleted from your system.
The second of LEADman 1.2's game-changing new features is its trash-manager. What if the contact is a site member or you've collected other personal data from them through another Joomla extension? Your website's administrator can now review all of the pending requests and ensure that the user's data is also removed from other systems. The administrator can also export the contact's data, thus addressing the portability aspect of the GDPR.
Privacy policy
OK, so privacy policy doesn't have anything to do with phasers, no one on the USS Enterprise ever shouted "phasers to privacy!", not even when they were out in the void between the Alpha and Beta Quadrants. It makes GDPR less boring though so it's staying.
Your privacy policy is up to you, it should include a note about what data you store and collect but you should probably get your lawyer to check it over.
Spam filtering
We couldn't end this blog on only GDPR, as important as it is, we're also very proud of LEADman's new spam honeypot.
Unfortunately, there's nothing much we can do to stop spammers trying to send you an enquiry, however, what we can do is filter those spam enquiries out. LEADman's spam honeypot offers protection against all spam bots and can be switched on by visitng the Spam protection tab in LEADman's settings screen.
Connect users can also switch on email validation and captcha.
Changelog
Check the changelog to see what's changed since LEADman 1.1.
Get started
Supercharge your lead generation with LEADman. Go ahead and try LEADman on our demo or download it from our Dashboard. Not yet a member? Get a subscription and start using LEADman today!