Site Building Advice, Yola News 16

4 features to get your website GDPR-ready

Have you noticed a flurry of Privacy Policy and Terms of Service updates filling your inbox? A significant increase in websites asking you to accept their cookie policies (and they aren’t offering you baked goods)? The European Union recently released new rules regarding data privacy which come into effect May 25th, 2018.

As a business owner, you may need to follow suit to ensure your website is compliant.

What’s GDPR?

The General Data Protection Regulation (GDPR) aims to protect EU citizens from privacy and data breaches. Under this new regulation, citizens of the EU are given the right to knowledge and transparency into what personal data is collected and how it is stored. Further, they have the right to have their information removed from your database.

Why does it matter?

For those of you thinking “My business isn’t located in the EU, this regulation won’t apply to me.”  


Regardless of the location of your business, if your website obtains site visitors from the EU, you will be affected by the GDPR. Fortunately, we’ve released a variety of features to help get you started.  

Where do I start?

Create a Privacy Policy
Per this new regulation, businesses with EU traffic are now required to:

  • Have a Privacy Policy
  • Ensure the Privacy Policy is written in clear and concise language
  • Make your Privacy Policy easily accessible from your website

Don’t have a Privacy Policy? No problem. We have a Privacy Policy tutorial to help get you started. Once you’ve created your Policy, add the copy to a page on your website, then link to the page from your footer and your cookie notification banner.

Add cookie notifications
Websites built with Yola use cookies, ensuring optimal browsing for your site visitors. Websites that receive traffic from the EU are required to get visitors’ consent to use cookies.

We’ve released a feature allowing you to customize your own cookie notification and add it to your website. If you choose to add cookie notifications to your website, the notification will display on your website until your site visitor accepts your policy. Learn how to add cookie notifications to your website in this step-by-step tutorial.

Implement user agreement fields to your contact forms
One large aspect to the GDPR is obtaining consent whenever you collect data from your site visitors (including names, email addresses, contact information, etc.). To meet this requirement, all websites with EU traffic must include a field that requires customers to provide consent when they supply this information to you (i.e. contact form, email list sign up, etc.).

We’ve made it easy for your site visitors’ to give their consent through a user agreement field that can be added to your forms to obtain consent. Learn more about user agreement fields here!

Add your Terms of Service to your Online Store
In order for your Online Store to be GDPR compliant, you need to obtain consent to process your customers’ personal data. Our Online Store has the ability to add legal documentation to your checkout flow, ensuring you always have consent while processing orders. Check out our tutorial on adding your Terms of Service to your Online Store.


*Note: The GDPR is a complex regulation to navigate. This guide serves as an aid in ensuring your own compliance and should not be taken as legal advice. If you have questions regarding the GDPR we suggest consulting with an attorney.

16 Responses to 4 features to get your website GDPR-ready

  1. Patrician Maggs says:

    I think my store i OK for that,please check and look for me.

  2. Trevor Downer says:

    Sir, I do have a Yola site but no facilities for collecting data and no wish to collect data from visitors to the website. It is a non commercial site and nothing is sold from the site. Am I required to do anything? Thankyou. Trevor Downer.

  3. wa3zrm says:

    How does the EU intend to enforce it’s law’s outside of it’s jurisdiction? Is the USA a party to an existing treaty or has it become party of a treaty that obliges US citizens to obay forgien laws?

  4. Maria Abramjan-Phillips says:

    what if I sent out the confirmation request to the clients they ignore my emails?
    I cannot force them to respond…

    • Yola says:

      Hi Maria,

      Following the suggestions outlined in our post you will see none of them require your customer to reply to a direct email. Rather we help you set up tools to gain their permission prior to them accessing your website and contacting you.

  5. Ian Woollard says:

    Hello, My Yola website is an advertising forum for a rental property. I don’t collect any information other than a name and email address to allow correspondence, it also gives the option to make payment via paypal which if used again only supplies me with a name but no other information. What is my situation with regard to GDPR?

    • Yola says:

      Hi Ian,

      By using a contact form to capture visitor information such as name and email address you are subject to the GDRP requirements. We recommend you work through the suggestions detailed above.

  6. Catalina says:

    Is there a way to block traffic from the EU?

    • Yola says:

      Hi Catalina,

      The internet is global so there’s really not a way to ensure that EU citizens will not be able to access your website.

  7. is GDPR applicable for Indian websites as well?

    • Yola says:

      GDPR applies to people living in the European Union. However, regardless of where you live, if you have customers in the EU you need to comply with GDPR regulations. It is therefore advisable to follow the instructions for GDPR compliant forms regardless of your location.

  8. At first glance, it may seem that the GDPR only applies to large, global companies that conduct a lot of business overseas. But that’s a false perception that could harm a lot of small businesses

  9. Compliance with the GDPR is motivating organisations worldwide to improve existing technical controls for securing personal information

Leave a Reply

Your email address will not be published. Required fields are marked *