Table of Contents
  1. Who?
  2. Where?
  3. What?
  4. When?
  5. Why?

Data privacy has been in the news since the last election cycle, from emails deleted from a public server to alleged Russian interference in the United States election process. At the same time, May saw the passage of the GDPR for Great Britain and the EU, legislation that actually affects most websites in the world, provided they have subscribers or users in the affected countries.

What does this mean to web users and bloggers? How do you protect your privacy and that of those who comment on or subscribe to your blog? What personal data do you collect and how do you store and manage it? Here are some answers to those common questions.


Who?

Who do you need to protect? That falls into two categories. The first group you need to protect is yourself, along with those who are admins of your site. Your personal information is tied to the site, including the WHOIS information that every domain name is required to have on file. This is information you filled in when you purchased and registered your domain name. You should protect the privacy of this information; doing so costs a bit more per year, but it is well worth the cost. It is also required that you keep this information up to date, so be sure you make changes if you move or change phone numbers.

The second group is your users or subscribers. What information do you collect from them? The only thing you really need is their name and email address. Still, if you let them sign in with social media accounts, the basic profile information they share often includes a lot more, such as sex, age, and any other information the user has made publicly available.

The good news is that you have their permission to hold that information, as long as you don’t share it with anyone. This means your email list and other data should be well shielded. This is a pretty simple operation with a WordPress plugin or applications offered on other platforms.


Where?

All of the information on your site should be stored in an encrypted file in your hosting platform. If you have a separate host, especially one in the UK or the EU, this is easy. The host will already have had to comply with GDPR and can easily migrate your data also.

If you self-host, you will need to make sure you have the right kinds of security protocols on your server to protect individual data. You will also need to update your privacy policy on your site to be in compliance with GDPR, and you will need to ensure that you only use the data that has been shared on your site for the purpose you gathered it for.

This means that, without the user’s direct consent, their information cannot be sold, shared, or otherwise transmitted to another party. The data you store must be protected reasonably on your site and nowhere else.


What?

What is personal data? The simple definition is any information that will help identify an individual. This includes email addresses, photos in Gravatar, name, age, sex, location, and more.

If you have an online store or sell any goods on your website, this gets even more complicated. In that case, you often have date of birth, credit card information, and shipping addresses. You must ensure this data is safe, but you must also assure your customers that it is kept that way. Using systems like PayPal, Square, and other checkout platforms that already have security in place is a good way to start.

If you struggle with this or have questions, have a professional web designer help you, one who is familiar with eCommerce, GDPR, and privacy protocols. This will keep this data safe.


When?

The simple answer is all the time. Whenever someone comments, signs up for your newsletter, or makes a purchase, you are responsible for handling their personal information correctly. At the same time, you need to be constantly vigilant over your data and that of your customers. Using security apps, responding quickly to alerts, and resolving issues promptly are not only your responsibility, but also make your users comfortable trusting your website.

Hacks are common, even for small sites, so constantly keeping an eye out for issues is the best defense.


Why?

The news is full of large and small hacks. Users have an expectation that you will protect the data they share with you. GDPR makes it mandatory, and if you fail to take all the recommended measures, you can be fined, and the fines can be significant.

By allowing users to register and make comments, by selling things online, and by maintaining an email subscriber list, you are putting yourself in a position of responsibility. Take that seriously and keep your blog readers safe when they are on your site.

Your site is your responsibility, and so is the data you gather there. Both your data and that of your users could be at risk. The moment you think you will never be the victim of a hack is the moment you will be victimized. Be vigilant and be safe in a world of data privacy hacks and new GDPR requirements.
