Zazzle is GDPR Compliant ? 4 pages: [1] 2 3 4
Posted: Sunday, April 15, 2018 7:59:40 AM
Hi Smile

Zazzle is GDPR Compliant ?

Dead line May 25 2018 ....
Posted: Sunday, April 15, 2018 9:13:16 AM
I find the whole thing confusing. Isn't it for companies in the EU? Does a U.S. company have to deal with it?
Posted: Sunday, April 15, 2018 9:13:59 AM
Is there a particular reason why you are requesting this information? Thanks.
Posted: Sunday, April 15, 2018 9:21:44 AM
Because I have customer worldwide ... so from EU too ... And everybody who deal with EU ppl NEED to be GDPR compliant ... All service connected with my website need to be GDPR compliant too ^^

In fact ... soon it will be an international obligation ... so better to be compliant right now Smile
Posted: Sunday, April 15, 2018 9:26:04 AM
I'm aware that the team who look after such matters were working on this. And I do know that by the deadline, we will be fully compliant (if we aren't already). I don't know much more than that as it is not my area of expertise and I'm not on the aforementioned team. I'm sure at some point we will have something a bit more official to share on the matter.
Posted: Sunday, April 15, 2018 9:36:02 AM
Great thank you ... if Zazzle is not compliant ... I will need to close my store on Zazzle.

I will be aware of your communication around this subject till the dead line (y)

Posted: Sunday, April 15, 2018 12:22:50 PM
Google Analytics just recently asked that anyone that uses Google Analytics, also sign off.
Posted: Monday, April 16, 2018 2:11:46 AM
I have my own .com website in the U.S. and don't ship internationally nor have domain extensions in other countries, but Zazzle does, so this is info designers should know or be aware of, simply due to the nature of Zazzle and how Zazzle works, even if the designer is in the U.S. May is next month.
Posted: Monday, April 16, 2018 2:13:31 AM
Again, I'm not sure on the ins and outs of this, but I do know this will all be taken care of (if it's not been already) and there's a team behind the scenes working on it. No need for any of you to worry about it.
Posted: Monday, April 16, 2018 4:21:42 AM
The change is major and a step in the right direction. In fact I think something like that is needed in the U.S.
Posted: Wednesday, April 25, 2018 2:49:58 PM
The European Union’s General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, delivering a right to privacy and the protection of personal data. Zazzle will comply with the GDPR when it becomes enforceable on May 25, 2018.
Posted: Monday, May 07, 2018 4:46:41 PM
AfriCreations wrote:
The change is major and a step in the right direction. In fact I think something like that is needed in the U.S.


I am also posting this in this public forum for those who might not see it in the upper level forums--
Hope it helps to add to our understanding of what to do...

<https://www.entrepreneur.com/article/312019>
Article:
4 Changes You Need to Make Now to Comply With the EU's Tough New Data Law
Posted: Thursday, May 17, 2018 4:13:15 PM
bequiet wrote:
AfriCreations wrote:
The change is major and a step in the right direction. In fact I think something like that is needed in the U.S.


I am also posting this in this public forum for those who might not see it in the upper level forums--
Hope it helps to add to our understanding of what to do...

<https://www.entrepreneur.com/article/312019>
Article:
4 Changes You Need to Make Now to Comply With the EU's Tough New Data Law


Good idea. The deadline is now a week away.
Posted: Thursday, May 17, 2018 6:20:30 PM
Phil wrote:
Because I have customer worldwide ... so from EU too ... And everybody who deal with EU ppl NEED to be GDPR compliant ... All service connected with my website need to be GDPR compliant too ^^

In fact ... soon it will be an international obligation ... so better to be compliant right now Smile

Your own website needs to be compliant if you collect information, outright or via technology, but a website owner can't be responsible for every website to which it links. That would be an unreasonable expectation. Have you seen a source that says you're responsible for the sites to which you link out?

For example, if I link to Zazzle or Amazon or PayPal, I'm responsible for the data collected on MY site. Once the customer leaves my site and gets to Zazzle or Amazon or PayPal, the responsibility for compliance lies with those sites.

Zazzle is huge and international, complete with international domains, so I have no doubt they'll be compliant by the deadline. But, unless you're making a statement on your site indicating you only link to compliant sites, it's not your responsibility.

I feel like I'm sounding snippy - I don't mean it that way. I'm trying to be clear.
Smile

Edited to correct language otherwise known as Android.
Posted: Friday, May 18, 2018 1:49:22 AM
Due to the nature of not just Zazzle, but the internet in general where so much info is inter-connected everyone should at least know what GDPR is. One doesn't even have to own a website to know what it is. Its one of those things that anyone online should be aware of whether they are affected directly or indirectly.

A good way to find out more is to search for GDPR under news in Google. This is just an FYI for people who like to be aware. Smile
Posted: Friday, May 18, 2018 4:55:35 AM
RoyK_is_a_She wrote:


For example, if I link to Zazzle or Amazon or PayPal, I'm reasonable for the data collected on MY site. Once the customer leaves my site and gets to Zazzle or Amazon or PayPal, the reasonability for compliance lies with those sites.


Which if you think about it, if you own a free standing site that uses WP stat collectors like where the demographic viewers are from, where the entries are on your site and were those viewers go from page to page you should have something on your own site explaining this.

Or is that data which is only personal as to where the visitors are coming from not an issue with the privacy laws in Europe?

I seriously need to do some homework.
Posted: Friday, May 18, 2018 5:32:58 AM
There could be zillions of scenarios from companies large or small in the U.S. who do business in Europe or ships there or use a program where the manufacturer, support staff etc. are in Europe or have secretaries who communicate with people in Europe, or customer service staff, airline employees and on and on ... so if you have a job, you should be aware as well.
Posted: Friday, May 18, 2018 5:57:37 AM
LM Gildersleeve wrote:
RoyK_is_a_She wrote:


For example, if I link to Zazzle or Amazon or PayPal, I'm reasonable for the data collected on MY site. Once the customer leaves my site and gets to Zazzle or Amazon or PayPal, the reasonability for compliance lies with those sites.


Which if you think about it, if you own a free standing site that uses WP stat collectors like where the demographic viewers are from, where the entries are on your site and were those viewers go from page to page you should have something on your own site explaining this.

Or is that data which is only personal as to where the visitors are coming from not an issue with the privacy laws in Europe?

I seriously need to do some homework.

I seriously need to quit posting from my phone. "Reasonability" isn't a word, is it?
Laughing

Look up the definition of "personal" information under GDPR. I feel like anyone trying to figure this out should start there. If your site collects personal information from people IN the EU, you need to comply.

I'm not saying OP doesn't need to comply. From what he's saying, I think he does. I'm saying OP isn't responsible for compliance of sites to which he links.
Posted: Friday, May 18, 2018 6:23:32 AM
@LM - Search plugins for "GDPR." I haven't investigated any, but a trusted developer wouldn't risk their reputation on putting something out which doesn't actually aid compliance, if it says it does. It's a starting point, at least.

Thinking out loud: Other possible options for those who aren't comfortable with the whole thing might consider looking for redirect or block options. Send all EU traffic directly to your Zazzle store or block EU users.

On "collecting data," some may be concerned that using an Associate ID in a link means you're tracking something about a user. The average user with affiliate links on their site isn't storing that cookie. The RF parameter is stored in a Zazzle cookie.
Posted: Friday, May 18, 2018 10:17:00 AM
I had started to build an email list right before I heard about this and it just so happened that one of the people on my small list was in Europe so since I do not want to have to worry about being compliant or liable, I cancelled my own sign up forms and deleted all traces of my list. I may go with an email service such as mailchimp after I read and learn more about the subject, or maybe I could just restrict sign up to USA residents.

IDK, there is so much to keep up with already I didn't need this extra headache...and my email list was only 4 people so no big loss.

(if the person who was on my list reads this let me apologize to you for having to cancel the list and stop sending newsletters) you know who you are...
Posted: Friday, May 18, 2018 12:55:29 PM
RoyK_is_a_She wrote:
@LM - Search plugins for "GDPR." I haven't investigated any, but a trusted developer wouldn't risk their reputation on putting something out which doesn't actually aid compliance, if it says it does. It's a starting point, at least.

Thinking out loud: Other possible options for those who aren't comfortable with the whole thing might consider looking for redirect or block options. Send all EU traffic directly to your Zazzle store or block EU users.

On "collecting data," some may be concerned that using an Associate ID in a link means you're tracking something about a user. The average user with affiliate links on their site isn't storing that cookie. The RF parameter is stored in a Zazzle cookie.


All good thoughts there. Thanks for your input. I don't fault the EU authorities for protecting their citizenry but dang this is a pain in the butt. Stick out tongue
Posted: Saturday, May 19, 2018 2:28:47 PM
Its the first major change regarding privacy since 1995. It won't effect what I do directly because I don't keep email lists, send out mass mailings to people or anything like that. Due to my very long history online, via social media posts on my social media sites, my website and real life events there are people who know what I do already.

But there are others who get very involved with customers and others, such as sending unsolicited emails, contacting customers unnecessarily or trying to sell an individual products without actions being initialized by the individual. There are even some companies that sell personal info without someone knowing it and then there is the other major issue of identity theft. This new law should help curb a lot of nonsense and time consuming harassment via phone, text, or email, and also misinformation, fake information, and fraudulent activities.

Time will tell if the change leads to significant improvements. Right now the internet is still the wild wild west.
Posted: Saturday, May 19, 2018 6:49:28 PM
This from Forbes:

Quote:
To quickly summarize: Article 3 of the GDPR says that if you collect personal data or behavioral information from someone in an EU country, your company is subject to the requirements of the GDPR. Two points of clarification. First, the law only applies if the data subjects, as the GDPR refers to consumers, are in the EU when the data is collected. This makes sense: EU laws apply in the EU. For EU citizens outside the EU when the data is collected, the GDPR would not apply.

If a site has Google Analytics coded into it AND permits visitors from an EU country, it needs to comply at least for the EU visitors, if not for other visitors.

All of my clients are US based and unable to do business in the EU. Most of their web traffic is in the US. Since they can't do business with the EU (due to licensing restrictions in insurance or lending, for example, or physically, due to location), they're all requesting blocks of those countries.

@LM - Agree. Major pain. But at least I get to bill some of it! ;)

Not that I happen to be working on this at 11 pm on a Saturday night or anything like that.
Posted: Saturday, May 19, 2018 8:14:15 PM
RoyK_is_a_She wrote:
This from Forbes:

Quote:
To quickly summarize: Article 3 of the GDPR says that if you collect personal data or behavioral information from someone in an EU country, your company is subject to the requirements of the GDPR. Two points of clarification. First, the law only applies if the data subjects, as the GDPR refers to consumers, are in the EU when the data is collected. This makes sense: EU laws apply in the EU. For EU citizens outside the EU when the data is collected, the GDPR would not apply.

If a site has Google Analytics coded into it AND permits visitors from an EU country, it needs to comply at least for the EU visitors, if not for other visitors.

All of my clients are US based and unable to do business in the EU. Most of their web traffic is in the US. Since they can't do business with the EU (due to licensing restrictions in insurance or lending, for example, or physically, due to location), they're all requesting blocks of those countries.

@LM - Agree. Major pain. But at least I get to bill some of it! ;)

Not that I happen to be working on this at 11 pm on a Saturday night or anything like that.


Ugh!

So if I have a site that is using GA what am I supposed to do? I am not collecting any personal info just general traffic tracking. Sounds easiest to just drop the GA altogether.

Sheesh!😑
Posted: Sunday, May 20, 2018 4:31:10 PM
Shelli Fitzpatrick wrote:
So if I have a site that is using GA what am I supposed to do? I am not collecting any personal info just general traffic tracking. Sounds easiest to just drop the GA altogether.

I can't give anyone a definitive answer to that question. I'm not entirely clueless, but I'm lost in information. Trying to stick with the original source and not the millions of websites with their interpretation. I *think* this is an 'official' website: http://ec.europa.eu/justice/smedataprotect/index_en.htm

^It has short sentences and simple graphics. It's my favorite, so far. Grin

Unfortunately, GA is just an example. There are some WP plugins that set cookies and track too - it's part of what makes them work and add features to a site. Every site is different. For those with sites with drag-and-drop building tools, people may not even know what Weebly or Wix or their web hosting company has storing and tracking. For WP, I'm not seeing a single plugin that does it all. Yet. I think one is working hard to make it so. But I'm in "trust but verify" mode, and erring on the side of caution. My original plan has gone sideways a little, and I haven't had time before now to deal. So...

If I'm found out of compliance, it's not like anyone is ever going to get a multi-million fine out of me! lol

Is your site WordPress.ORG, Shelli? If yes, once I get situated a little better - code is giving me fits - I'll let you know what I'm doing. That's not to say what I think you should do. ;)

Posted: Sunday, May 20, 2018 6:30:09 PM
My main site is Weebly and my other site is pixels.com with my domain forwarded to it. I have GA tracking both of them and my Redbubble and my 2 Zazzzle stores. Thank ya for the link! I’ll read up and try to sort it out.
Posted: Sunday, May 20, 2018 9:12:06 PM
Pixels, RB, and Zazzle will take care of themselves - even if you have GA tracking. Don't worry about those. They're not technically "yours."

Sidebar: Now that I think about it, GA has some user-defined settings that can only be controlled inside the GA account. We may see some changes as to how/if Z, RB, etc. let us incorporate GA.

Anyway...Weebly is the one you need to take care of. See if they have a blog post or support or FAQ with info. If they have control over all the Weebly sites, maybe they have a plan to handle it across the board.

Posted: Sunday, May 20, 2018 9:24:54 PM
@Shelli - go to this link and search GDPR

https://hc.weebly.com/hc/en-us
Posted: Monday, May 21, 2018 1:17:05 AM
RoyK_is_a_She wrote:
@Shelli - go to this link and search GDPR

https://hc.weebly.com/hc/en-us


will do! thanks girl!Love
Posted: Monday, May 21, 2018 3:06:14 PM
Reporting back...

Generally, I'm using PHP to forward my EU visitors straight to their appropriate country-specific Zazzle domain (THAT code made for a fun weekend... lol). If they don't like the site they land on, Zazzle's international sites have the country selector drop-down at the top, so they can easily switch. If they stay at the site where I drop them, I may get a referral or two. Or not.

The redirecting is based on IP address, and since that can't be used with 100-percent accuracy and some people may use a proxy or VPN which masks their true location (in fact, some may see a redirect, then use a proxy to get around the redirect), I'm erring on the side of caution and making sites GDPR compliant, as well.

This is the first WordPress Plugin I've chosen: https://www.wpgdprc.com/faq/

It adds consent check boxes to forms for Contact 7 and another popular form plugin, WooCommerce Check Out page, and WP Comments. It looks like it handles at least one forum and at least one instant chat plugin. It also provides a mechanism for users to request anonymization of their data, and I think gives a download option (still testing). It also offers Privacy Page integration (you create the page content, and it will integrate). Be forewarned, there are a few settings (and this looks like the easiest option!).
Shocked
If you don't mind default verbiage, it'll go faster for you.

It doesn't do a blanket or partial cookie consent upon user's first visit, and I'm still looking for a plugin I like for that.

If you haven't started, and you want to test everything, you should do it now. That's why I'm posting here before I'm done.

ETA: Of all the things I've ever been or been called, "attorney" isn't one of them. For all I know, my plan has a big ol' loophole it. So don't take my post as legal advice.
Smile
Users browsing this topic
Guest


Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Print this topic
RSS Feed
Normal
Threaded