I’m sure you’ll agree that some business topics are just downright boring.
I mean, no photographer ever wished they could spend more time talking to clients about their business policies or terms and conditions, right?
Right.
That stuff is enough to send anyone to sleep in a New York minute.
But, unfortunately, there are times when we must face such things, even though we’d rather poke our own eyes out with a hot stick.
Take GDPR (General Data Protection Regulation), for example, which has become the least interesting hot topic in recent memory.
Unless you’ve spent the last few months on the moon, you’ve no doubt heard of the new GDPR laws that came into effect on May 25th 2018.
According to the GDPR portal, GDPR “is the most important change in data privacy regulation in 20 years…”
What does this mean for you as a professional photographer?
Sadly, a load of unwanted and difficult work is what it means.
Until now, most photographers haven’t bothered to add any kind of privacy policy to their website.
It just didn’t seem necessary and was nothing more than a load of legalese mumbo-jumbo that no one really cared that much about anyway.
And, besides, who wants to clog up their photography website with pages of boring business babble if they don’t need to?
Newsflash…
As of May 25th 2018, people suddenly do care.
More importantly, the folks who police such things also care, and are more than happy to take action against those who neglect to follow the rules (even if we, as business owners, don’t agree with them).
Does GDPR Affect You?
The GDPR laws were passed in the European Union (EU) in April of 2016 and came into force in May of 2018, and are designed to affect businesses in the EU.
Does this mean you’re unaffected if your photography business operates outside the EU?
Yes, and no.
If all (and I mean 100%) of your clients are outside the EU then technically you could potentially ignore the GDPR.
But there’s always a “gotcha”, right?
Unless you can guarantee that your website is non-accessible to EU residents, or that data privacy for EU visitors is fully compliant with GDPR even if it’s not for everyone else, then your website must comply with the GDPR laws.
If you answer “yes” to any of the following questions, then you should take steps now to protect yourself from possible non-compliance actions:
- Does your website create cookies for visitors?
- Do you have any kind of contact form on your website?
- Do you collect email addresses for a newsletter or mailing list?
- Do you sell photographs directly from your website?
- Can visitors register as a member on your website?
- Do you use any third-party services (e.g. Google Analytics) on your website?
All of those things can collect and store information about your website visitors and clients, even if you’re unaware of the exact nature of the collected data, therefore you must have a visible page on your site that details your policies about such things.
The simplest and fastest way to do protect yourself is to add a GDPR-compliant privacy policy page to your website.
Create A Privacy Policy
You could sit down and write your own or follow the many guidelines you can find online on how to create a privacy policy.
Alternatively, you could download a fill-in-the-blanks template that would take you less than 5 minutes, so you can forget about it and go on with what you like doing most, which is taking amazing photos for your clients.
To help you, I’ve created a complete privacy policy template for you to download and use on your website.
The template has all the required sections and shows you exactly where to place your own business information.
Implementation of the privacy policy can be as easy as copy-and-paste and be complete in 5 minutes or less in most cases.
Download: GDPR Privacy Policy Template
You now have access to my privacy policy template.
Here are the links you need to download the template files:
(Right click the button or CTRL-click on a MAC to save the file to your computer)
