GDPR: What you need to know about it, whether it applies to you as a blogger, what you can do to comply and addressing all those stupid rumours…

I was doing an InstaLive a few weeks ago and one of my blogging friends, Hannah, mentioned GDPR on it. This was the first time I’d ever heard of it. When I asked her what it was, she told me it was a fee we had to pay and similar bloggers were telling me the same thing. Being the cheapskate I am, I freaked out. Money?! My hard earned money?! Being spent on something that I don’t even understand?! I made it my mission that week to understand what GDPR was and what would change for me as a blogger. And now I’m going to share that with you.

What is GDPR?

GDPR stands for General Data Protection Regulations and it’s a new law that comes into force on the 31st of May 2018. And, basically, it does what it says on the tin. It’s the government’s way of making sure the data that we give out and receive is protected. For your average Joe, GDPR won’t affect him day-to-day. And, actually, it’s not really going to affect bloggers all that much either. GDPR affects the way that we store the data we have from other people. Mainly, their e-mail addresses. Therefore, if you don’t store e-mail addresses of other people for the purposes of a newsletter or perhaps a giveaway, you really don’t have to worry about GDPR.

I have a newsletter. What do I have to do to comply to new regulations?

The basics of GDPR are this: you now can no longer use information for anything other than it’s intended purpose. So, if Sally signs up to your newsletter about cats, you can now no longer use her email address that you have for Sally to sign her up to your newsletter about Brexit without her explicit consent. Similarly, if Sally is leaving a comment on your blog post and you have an opt-out option to sign up to your newsletter on your comment form, you’ll have to change it to an opt-in one, as opt-ing out is no longer going to be legal. The key word when discussing GDPR is transparency. As long as you are transparent and explicit about what the information you are asking for is going to be used for and do not use it for anything else then you’re complying to GDPR. It also might be worth getting yourself a GDPR declaration, which states that you do not use information for anything other than its intended use and also about how you are going to keep that information protected: ie. that you will definitely not share the information with any third parties, what you would do incase of a security breach etc.

What about if people sign up to my blog using

This is an interesting one that’s getting a lot of bloggers bent out of shape. I have never used; I was on Blogger and then changed to self-hosted with the WordPress Plug-In at the beginning of this year so I am not so sure how it works. I asked a couple of friends who used before going self-hosted and they do have access to these email addresses, even though they are stored by Jetpack. This means that while you have access to these email addresses, you have to declare that you will not use them for anything else. Jetpack will take care of some of this for you. However, if you are worried about these new guidelines, perhaps write out a GDPR declaration anyway following all the above guidelines and then, if you’re ever questioned for not-complying, you can always produce that. If you have a list of other people’s information that you can see with your own eyes, you need to be responsible in disclosing it won’t be used for anything else.

So, I don’t have to pay any money?

Nope – it’s just a change in the law. You can continue blogging for free. However, if you don’t comply to GDPR regulations, then you could be fined similarly to the way that if we don’t comply with ASA guidelines regarding disclaimers etc. then we could be subject to a fine as well. As long as you are showing a desire to comply, you should be fine.

So, what does this mean for PR-blogger relations? Will they change?

The way that PRs may do their outreach might change. If you are a part of some of the Facebook Opportunity Groups, you might be aware of some of the Google Forms that PRs use in order to find suitable bloggers for their campaigns. These are likely to change as often PRs are not clear about what they’re going to use the information for. They will need to be explicit. When the laws kick in, you may get a few emails from PRs you’ve worked with asking if you’d still like to receive communications from them in the forms of press releases and such like. This is because they store your information and want to be explicit with you about how they are going to use it. GDPR also gives you a right to be forgotten. Which, in simple terms, means a PR cannot hang onto your information if you tell them you no longer want to be contacted by them. They must delete it from their databases. Similarly, you must also give your newsletter readers this right and you must not hold onto information after someone unsubscribes. (Which, if you’re like me and get signed up to 20 junk newsletters a day, that’s a fantastic thing.)

Do I need to panic?

No, no and no. It’s a change in the law but it’s not the end of the world. You just need to be explicit about the way you’re using and storing information. That’s all. And, if you use blogger, don’t have a newsletter and don’t host giveaways that might store personal information then you don’t have to worry about it at all. If you’re still confused, a great resource to listen to is the Blogtacular Podcast Episode on GDPR as it’s a fantastic, well-explained account of what’s going to change and how you can prepare: as a blogger or a small business. If you have any really specific questions that you feel like I haven’t covered here, you can always message me on Twitter for advice or you can comment down below and I’ll answer every question (but on Twitter you’re more likely to get a quicker reply!).

I hope this addresses all your worries and qualms about the changing laws. Change is scary – but less so when you’re prepared!


  1. March 1, 2018 / 9:38 am

    I’ve decided to sit and wait on this one. So many bloggers have panicked and paid a fee that most likely isn’t necessary. I think this is a problem for companies more than Bloggers. Thanks for a more balanced and less scaremongering post x

  2. Emma
    March 1, 2018 / 12:04 pm

    Such a helpful post – seen so many bloggers get in a panic over those when it’s really no more complex than disclosing sponsored content – just be open and transparent!
    Emma |

  3. March 1, 2018 / 12:48 pm

    Great post! I didn’t know what GDPR was either! It doesn’t affect me (yet) but it’s good to know about it either way 🙂


  4. heather nixon
    March 1, 2018 / 2:46 pm

    Such a useful post – thanks!

  5. Danielle
    March 1, 2018 / 4:52 pm

    Is this GDPR thing for US/international bloggers too or just in the UK? I’m from the US and have a newsletter on Mail Chimp, so I was curious if this new rule is for us too.

    • Chloe Rennard
      March 1, 2018 / 6:39 pm

      It’s a UK rule but I believe it will be enforceable across the EU!

  6. March 1, 2018 / 5:27 pm

    Omg Chlo, what a great summative post about GDPR! Working in digital marketing has given me a brief insight into what it’s all about but I’m so glad that you wrote a post about it too! xx

  7. March 1, 2018 / 11:13 pm

    So glad you shared this Chlo, it’s SO helpful. Sick of people sharing scare stories when there’s no need! x

  8. March 2, 2018 / 12:38 pm

    This is very insightful Chloe! Thanks for sharing x

  9. March 4, 2018 / 12:24 pm

    Oh goodness, anything technical and I’m just like WHAAAAT? I had no idea what GDPR means but after reading your post, I sort of have a grasp of what it is. Although, I’ll be keeping this post in my bookmarks for when I’m sure to forget!

    Sian x

  10. March 5, 2018 / 2:47 pm

    I didn’t even know this was a thing, but this was such a great post to read and has put my mind at ease. I don’t really understand anything like this, so if I have any further questions then I will tweet you 🙂 Thanks for sharing xo

    Char |

  11. March 6, 2018 / 9:58 am

    Fab post babe. We’re implementing GDPR in work and you’re spot on, it’s a law change. It doesn’t automatically mean we have to shell out lots of money at all. Saw this all blow up on twitter too but this post will be fab for helping people understand it better! xx

  12. March 7, 2018 / 1:30 pm

    I’ve heard about GDPR at work and this is really insightful x

    Joyce Lau

  13. March 7, 2018 / 7:06 pm

    This is so scary when you know nothing about it ! Thank you for explaining, I’ve saved this post to refer back to in the future x

  14. March 11, 2018 / 2:26 pm

    Thank you so much for this super informative post, Chloe! I am a member of several blogging Facebook groups and in quite a few of them, GDPR was a massive talking point! I knew the basics of what it covered but I now have a much clearer idea of what’s happening thanks to this post so props to you for doing the research! Thankfully I don’t have a newsletter or collect anyone’s email addresses so I won’t see much of a change – phew!

    Abbey 💕

  15. March 13, 2018 / 11:10 am

    THANK YOU for this post! I was one of those people panicking for no reason so this really calms the anxiety!

  16. March 14, 2018 / 6:10 am

    Ooh this is such a great post! Was so unsure about all of this as I’d saw so many different things flying about.

Leave a Reply

Your email address will not be published. Required fields are marked *