If you’ve got an email account, then you’ve certainly heard of GDPR and received one of those privacy policy emails by now! On May 25, 2018, the European Union passed a new law, the General Data Protection Regulation (GDPR). The GDPR is a sweeping data protection law that not only affects European businesses but all organizations that handle the personal data of EU citizens. So companies all over the world are falling in line to become more transparent, and working hard to get their privacy and data protection protocols up to date.

Why Does GDPR Exist?


The GDPR was passed to regulate the collection of personal data of EU citizens and requires businesses to protect their personal data, as well as their privacy, for transactions that occur within EU member states. Non-compliance with GDPR regulation could cost companies dearly. Keep in mind, even though GDPR was passed for EU citizens, it applies to all companies who collect, process, and store personal data from these citizens, regardless of where the company is based.

How Does GDPR Apply to My Podcast?


It doesn’t matter if you’re a podcaster, YouTuber, or Vlogger, this new regulation applies to you! And if you’re wondering if you should be ensuring that your podcast is GDPR compliant, the answer is YES! Even if you are not based in the EU, if your podcast has been around for a while, someone from the EU has definitely listened to your show or been to your website. Just like TV and radio stations have a set of guidelines, so too your podcast needs to have a place where a policy is visible. This is especially important when you have your own podcast website and you are collecting information for your email list. If you want your audience to interact, you need to have a policy to say what happens when they do.

What Should My New Privacy Policy Include?


If your show is hosted on a platform (like YouTube, SoundCloud, etc.) there may already be some type of blanket policy in place that is in compliance with GDPR. So first off, definitely make sure you read through it so that you understand what it covers and to make sure that it applies to your show. However, if you host your own media and own your own website, then you will have to put together your own Privacy Policy to govern those platforms. The GDPR requires you to provide information to your audience that is concise, transparent, intelligible and easily accessible. It must be written in clear and plain language, particularly if addressed to a child, and should be free of charge.

Questions to Consider When Writing Your Privacy Policy:

What information is being collected?
Who is collecting it?
How is it collected?
Why is it being collected?
How will it be used?
Who will it be shared with?
What will be the effect of this on the individuals concerned?
Is the intended use likely to cause individuals to object or complain?

How Can I Setup My GDPR Privacy Policy?


If you are just new understanding the new GDPR regulations, the best place to start is with an automatic Privacy Policy Generator. This will ensure that you cover everything that is required and that you are not missing out on a step. It will also save you a ton of time so that you do not have to create everything from scratch! Here are a couple of options to get you started.

Iubenda

Iubenda can help you with generating a privacy policy. They also provide a privacy and cookie policy that includes any third party service providers you’re using, like Google Analytics or Google Adsense, as well as MailChimp, and Facebook. With Iubenda, you can generate policies in 10 languages, including English. Their GDPR guide is incredibly detailed and a great place to sift through the specifics and how they apply to you as a podcaster.

Visit their website to learn more: https://www.iubenda.com/en/guides

Termsfeed

TermsFeed lets you create premium custom legal agreements, readily and easily, online. Their services include a Privacy Policy, Terms and Conditions, EULA, Return and Refund Policy, and a Cookies Policy. These policies and agreements are especially important for websites, mobile apps, desktop apps, eCommerce stores or SaaS apps. Each policy can be adapted specifically to fit the needs of your business. This is based on variations such as if you collect email addresses, whether you use geolocation, or if you sell products and/or services. TermsFeed is one of the best options for creating your very own, custom-made and legally binding legal agreements.

Visit their website to learn more: https://termsfeed.com/

To see a more extensive list of privacy policy generators, click here.

A Summary of the Key Points


When it comes to knowing whether or not you’ve met all the GDPR requirements for your podcast, consider the following questions, ideas, and concepts.

1. Collection of Personal Data: have you stated what you’re collecting, and what you do with it?
2. Use of Personal Information: if you have your own podcast website, you are collecting visitors’ info whether you know it or not.
3. Sharing Information with Third Parties: whenever third-parties are introduced to your flow of information, you have to ensure that they too are using the data correctly, in adherence to GDPR.
4. Tracking Behavior: how will you be tracking user behavior and how will the information be used.
5. Collecting Data on those Under 13: if your podcast is kid-friendly, this point is definitely important to note and ensure that proper parental consent is obtained.
6. Giving the Ability to Opt Out: in every case where your audience can register for your site, they should be given the opportunity (easily) to un-register and stipulate exactly what you are allowed to do with their data.
7. Navigating Language Barriers and Disputes: whenever your site information has to be translated, make sure that your readers fully understand all the information stated.
8. Providing Adequate Contact Information: always make a contact option available to your readers. You want them to let you know if there’s a problem, right away. Provide an extensive list of ways to get in touch with you.

To view the full GDPR Checklist, click here.