Home > Free Traffic Sources >

---

Complying with GDPR (17)

---

As most of you know the new GDPR laws will be in effect as from the 25th of May.

I have over 50 Wordpress websites and I am looking for a quick and easy way to make them compliant.

Anyone?

---

https://www.cookiebot.com/en/

https://www.iubenda.com/en/

It will also depend a bit on some other services you use.

Aside from that, the business model matters a lot. Wouldn't be able to give clear answers but those 2 tools are very useful to start off with. From then on, it's a very ambiguous "it depends".

Not a lawyer, just someone who's been reading about it and trying to figure it out for affiliates in general.

---

There's no such thing as quick and easy with GDPR, unfortunately. There are TONS of things that will change, for example, for one of my services.. I have a 7 x A4 checklist in front of me right now lol. It's probably not that bad for simple WP sites, but you still need to let people know what info you collect and how you use it, how they can opt out/delete/update their data. So make sure you have your privacy policy.

---

Yeah. Maybe this more complex checklist helps: https://gdprchecklist.io/

The tools I linked would help you, @eurosen, to quickly check a few items but certainly not all.

---

Thanks for the replies guys.

I mainly run simple wp sites so would only be placing analytics and adsense cookies.

Had a further read and have gone for the following approach.

1. I have bought the Ultimate GDPR plugin for WP
2. Scan my site for cookies using https://gdprcookiescan.eu/
3. Update privacy policy adding the cookies mentioned in the scan
4. Setup the WP plugin

This I will have to do for about 50 websites so quite the task

---

I just realised... Will we have to make all our landers compliant as well?

Voluum sets a cookie (I assume) and so does the affiliate network (I assume).

That would be a real bitch

---

My initial feeling is yes. GDPR is a lot about using data for marketing, and Voluum sets a cookie for marketing purposes... Unfortunately, I haven't heard Voluum address this. They sent out some email today saying how they have secure data but nothing whether or not their customers have to obtain user consent to be tracked using Voluum.

I really hope not but not having a clear answers is a bit worrying.

On the bright side, most governments have said they don't want to chop off heads so there will be plenty of warnings before going down the big fines route that basically can put you out of business.

---

Perhaps Voluum can comment on this?

Not sure if there is anyone from Voluum available on this forum?

---

I've asked this already: https://stmforum.com/forum/showthrea...l=1#post343779

Seems more like in limbo. ClickFunnels has also been very silent on the topic - just to mention another big marketing company that seems to be too silent regarding GDPR when it comes to how it affects their customers.

---

Yeah, haven't heard anything from ClickFunnels which is quite alarming.

On FunnelFlux's end we're about to make some updates. Bit behind schedule but well, that's GDPR hassles for you.



On our end here is a quick low down:

- We will be anonymising all IP's by default (D-class i.e. last 3 digits) so that you don't directly store any user IPs that could be considered "sensitive data". All things like geo-redirection and so on are not affected as anonymisation happens afterward.

- You will be able to turn this off a the funnel level in cases where you believe you have consent and a right to track these (your call, your responsibility)

- We have a list of datacentre/proxy/etc. ISPs that we will not obscure as these are not personal IP addresses and its critical to see them for making traffic filters, blocking bots etc.

- Our JS and tracking links drop cookies but these don't store any sensitive user data (at least they won't when IP is anonymised), so you should be fine since they are suitably anonymised, though you need to be mindful if you are passing data to the tracker that is considered personal info e.g. emails, names etc. as then our internal tracking IDs would be directly linkable to that person. You could consider the tracker cookies as critical/mandatory if required for your site's flow to function correctly.

- Note our page action links (for clickthrough) have organic parameters you can encode into them, which get used as a fallback if the user is not known or had cookies blocked. Important fallback to at least make people redirect fine even if you lose the connection with their incoming traffic source data.

- We have redesigned our JS (not due to GDPR) to be more universal and it can now inject hit IDs into links directly, thus you can force coherent tracking without cookies. We're looking at changing the JS to have a toggle for dropping cookies so you can execute it without making them, but we haven't finished that yet.

- In the grander scheme we are looking at redesigning our tracking so that it does not require cookies at all, so that tracking links and JS can track the entire flow of users without needing them.

- Within our reset stats section we'll be adding the ability to look up a visitor ID and delete all related data.



All of this will of course require updating to the latest FunnelFlux version when we release it, but we'll email everyone about this.

GDPR is a pain in the ass for sure, just making changes to T&C, PP, sites etc. and data processing policy documents sucks up dozens of hours fo time. Let alone if you have to update your software to deal with it =/

---

This may be the one of the few trackers that actally IS compliant with GDPR!

---

Yes FF and Prosper202

The GDPR Compliant release of Prosper202 is scheduled for Friday, but it's also currently in the hands of a few beta testers.

1. Both ipv4/ipv6 are anonymized. This can be toggled off, all traffic or just EU traffic
2. When in GDPR compliance mode, cookies are not set, however all tracking works fine with cookies off. You just need postbacks for conversion tracking
3. We also respect the DNT header automatically, and mask ip/suppress cookies when detected. There's no option to turn this off
4. Our redirector can also redirect all eu traffic away from your site
5. The last feature that's not done for friday is the abiliy to delete clicks by, ip, keyword or value stored in c1-c4 or the utm variables we support.

For the long term I'm looking into building a mini consent management system too, but that's not on the feature list for Friday.

---

Nice, great to see other people taking this seriously too. GDPR is really a pain in the butt and I think for the most part very few affiliates will naturally adopt compliance unless their exposure is quite high. The least we can do is make their tracking tools have a mantra of "compliance by default".

---

After checking the EU Parliament roast of Zuckerberg, I think affiliates will be low on the list for checks unless they do some really shady tactics.

Seems GDPR priority is Facebook, Google, Twitter, LinkedIn, etc - platforms that store big data and use it for all sorts of activities people might not be thrilled about. That was not hard to guess.

Showing a pop-up on a torrent website is unlikely to attract too much attention early on.

Still, "compliance by default" is the way to go - will just save headaches and worries. Big thumbs up for FF and Prosper202 for this!

---

I used 3 plugins for my websites to comply to GDPR (I'm no lawyer and have no idea how compliant this makes everything).

• https://wordpress.org/plugins/gdpr-framework/
• https://wordpress.org/plugins/gdpr-for-gravity-forms/
• https://wordpress.org/plugins/ginger/

I didn't have any of the EU popups before, so that is what ginger is for. Plus it blocks cookies until they hit "accept". The GDPR framework does the rest, and the GDPR for gravity forms is part of the first plugin.

I'm making a notice above all pages regarding affiliate links, making sure no checkboxes are pre-checked off, and people can now download and delete their data from my site (that is through the framework). The framework also offers the ability to contact a law firm based in the EU. If I had an EU company I'd contact them (I don't, it is a US company).

Hope this helps a little.

~Hilary

---

Well, now there's an update from them and it's a laughable update: https://blog.clickfunnels.com/clickf...-and-the-gdpr/

This quote specifically is very telling:

"ClickFunnels sells software; it does not provide legal advice or legal services, nor does it sell a “done-for-you” GDPR compliance package."

---

We just made some significant updates, many related to GDPR.

Since this is a quite pertitent topic that a lot of affilates have an interest in, I posted some of our recent update email content here.

I cover some of the GDPR and compliance-related changes we make, as well as cool updates to our JS tracking.

---

Home > Free Traffic Sources >