2018, Midowga Yurub wuxuu^{(European Union)} hirgeliyay dhowr dib-u-habeyn ilaalin xog ah oo loo yaqaan Xeerka Ilaalinta Xogta Guud^{(General Data Protection Regulation)} ( GDPR ). Nuxur ahaan, GDPR waxay ku bedeshay dhammaan sharciyada ilaalinta xogta ee kala duwan hal xeer oo khuseeya waddan kasta oo Midowga Yurub ah. Ganacsiyo badan ayaa ku qasbanaaday inay beddelaan siyaasadahooda si ay u hoggaansamaan GDPR , si kastaba ha ahaatee, in kasta oo xilliga kala guurka, weli waxaa jira jahawareer badan oo ku saabsan xeerarka cusub. 

Haddaba waa maxay GDPR sideese uga dhigi kartaa ganacsigaaga mid u hoggaansama?

Maqaalkan, waxaad ku baran doontaa sida loogu dhaqmo GDPR adoon akhriyin dardaaranka ilaalinta xogta qalalan ee EU^{(EU data protection directive)} . Waxaan kaa caawin doonaa inaad fahanto waxa GDPR yahay waxaanan kuu sheegi doonaa tillaabooyinka aad u baahan tahay inaad qaado si aad goobtaada GDPR uga dhigto mid u hogaansan.

Waa maxay GDPR?

GDPR waa dardaaranka ilaalinta xogta ee Midowga Yurub^{(European Union)} loogu talagalay in lagu ilaaliyo sirta khadka tooska ah^{(the online privacy)} ee muwaadiniinta EU. Waxay nidaamisaa habka loo isticmaalo xogta shakhsi ahaaneed iyo nooca xogta mareegaha internetka ee kaa ururin kara^{(type of data websites can collect about you)} . In kasta oo uu yahay sharci EU, GDPR wuxuu quseeyaa dhammaan mareegaha ay galaan isticmaaleyaasha Midowga Yurub. Natiijo ahaan, mareegaha iyo ganacsiyadu waa inay ahaadaan kuwo u hoggaansan GDPR ama xannibaya taraafikada EU.

Iyadoo taas maskaxda lagu hayo, waa kuwan dhinacyada muhiimka ah ee GDPR ee saameyn kara ganacsigaaga:

• Goobtaadu waa inay si cad ugu wargelisaa booqdayaasha in xogtooda shakhsiga ah la ururinayo.
• Waxa kale oo aad u baahan tahay inaad sheegto sida iyo sababta xogtooda loo ururiyo loona kaydiyo.
• Haddii isticmaalayaashu ay ku weydiiyaan inaad tirtirto xogta shakhsi ahaaneed ee^{(delete personal data)} aad soo aruurisay, waa inaad u hoggaansantaa codsiga inta badan.
• Isticmaalayaasha sidoo kale waxay codsan karaan koobiga dhammaan macluumaadka shakhsiyeed ee aad kaydiso.
• Haddii mid ka mid ah hawlaha ugu muhiimsan ee ganacsigaagu yahay ururinta iyo kaydinta xogta shakhsi ahaaneed, waxaad u baahan tahay inaad qorto sarkaal ilaalinta xogta.
• Haddii degelkaaga la jebiyo oo xogta shakhsiga ah ee isticmaaleyaashaadu ay soo baxdo, waxaad haysataa 72 saacadood oo aad ku soo sheegto jebinta.
• Jebinta xeerka GDPR waxay horseedi kartaa ganaax dhan €20 milyan^{(fines of up to €20 million)} (~$24 milyan) ama 4% dakhliga sanadlaha ah ee shirkaddaada.

Ujeedada ugu weyn ee GDPR waa in laga ilaaliyo dadka iyo macluumaadkooda gaarka ah jebinta xogta^{(data breaches)} . Hadda su'aashu waxay tahay, waa maxay noocyada xogta hoos yimaada GDPR ?

Noocyada xogta ee ay maamusho GDPR^{(Types of Data Regulated by GDPR)}

Haddii aad ka dhistay boggaaga xoqan ama aad isticmaashay mawduuc WordPress ah^{(WordPress theme)} , goobtaada waxay soo ururisaa noocyo kala duwan oo xog ah. Websaydhyadu waxay u ururiyaan macluumaadka siyaabo kala duwan, oo ay ku jiraan falanqaynta, foomamka WordPress , foomamka is-diiwaangelinta, foomamka xidhiidhka, iyo ololaha suuq-geynta iimaylka.

Marka la soo koobo, dhammaan xogta shakhsi ahaaneed waxay hoos timaadaa GDPR , laakiin waxaan u kala qaybin karnaa noocyada soo socda:

• Xogta hidaha iyo caafimaadka.
• Xogta biometric
• Aragtida siyaasadeed iyo/ama diinta.
• Jinsiga, qowmiyada, iyo jinsiga.
• Xogta shabakada sida ciwaanka IP gaaga^{(IP address)} iyo xogta buskudka

Ilaa inta ganacsigaagu kaydinayo mid ka mid ah xogta kor lagu soo sheegay ee muwaadiniinta EU, goobtaadu waxay u baahan tahay inay u hoggaansanto GDPR . Xusuusnow in tani ay khuseyso xitaa haddii aadan joogin ku lahayn gudaha xudduudaha Midowga Yurub.

Talaabooyinka Loo Baahan Yahay Si Ay U Hogaansamaan GDPR

Markaad wax ka akhrido mas'uuliyadahaaga mulkiilaha mareegaha ahaan, waxa laga yaabaa inaad dareento culays badan oo aad go'aansato inay fududahay inaad xannibto dhammaan taraafikada EU-da ee imanaya. Ha^(Don) u ogolaan GDPR inay ku niyad jabto. Hoos waxaa ah tillaabooyinka ugu muhiimsan ee aad u baahan tahay inaad qaado si aad u noqoto mid u hoggaansan GDPR .

1. Horumari siyaasaddaada khaaska ah^{(1. Improve Your Privacy Policy)}

Noqo mid hufan ururinta, kaydinta, iyo wadaaga xogta. Websaydhkaaga waa inuu ka kooban yahay siyaasad gaar ah oo faahfaahsan oo si cad u sharraxaysa hab-dhaqanka xog ururinta, ilaalinta xogta, isticmaalka cookies-ka, iyo wadaaga xogta. Siyaasadda gaarka ah ee wanaagsan waa in ugu yaraan ay ku jiraan qodobada soo socda:

• Ma iibinaysid xogta gaarka ah ee isticmaalayaashaada.
• Ma wadaagaysid xogta gaarka ah ilaa sharcigu kugu waajibiyo mooyee.
• Noocyada xogta aad ururiso.
• Sababaha aad u ururinayso xogta iyo sida aad u isticmaalayso.
• Sida aad u ilaaliso xogta isticmaalaha
• Sida pluginsyadu u ururiyaan oo u isticmaalaan xogta.

U cade sida ugu macquulsan adiga oo isticmaalaya luqad fudud oo aan meelna uga tagin turjumaada waxaadna yeelan doontaa siyaasad qarsoodi ah oo cad oo qeexan.

2. Samee Ogeysiiska Ururinta Kukiyada^{(2. Create a Cookie Collection Notice)}

Marka loo eego GDPR , cookies-ka ayaa loo tiriyaa sida xogta gaarka ah, marka waxaad u baahan tahay inaad weydiiso isticmaalayaashaada ogolaansho ka hor inta aadan isticmaalin xogta kukiyada. Dhig^(Place) ogeysiis ururin cookies oo cad mareegahaaga oo hubi inaad u ogolaato isticmaaleyaasha inay galaan mareegahaaga xitaa haddii aanay oggolaan. Isticmaalayaashaadu waa inay sidoo kale helaan hab sahlan oo ay ugala noqon karaan ogolaanshahooda wakhti kasta.

3. Bandhig Ogeysiisyada Dhammaan Foomamka Mareegta^{(3. Display Notices On All Website Forms)}

Waa dhaqanka caadiga ah in la ururiyo xogta isticmaalaha qaar iyada oo loo marayo noocyo kala duwan oo foomamka gudbinta ah. Haddii aad rabto inaad sii waddo ururinta ciwaannada iimaylka iyo faahfaahinta kale, ku dheji ogeysiis xog ururin. Ha ururin wax xog ah ka hor bartaas iyo iyada oo aan isticmaaluhu aqoonsanayn. Haddii kale^(Otherwise) , meheraddaadu waxay heli kartaa ganaax culus jebinta GDPR .

U caddee sida ugu macquulsan erayadaada oo bixi dhammaan faahfaahinta muhiimka ah ee ku saabsan ururinta xogta. Waa inaad sidoo kale iska ilaalisaa isticmaalka sanduuqyada saxda ah ee horay loo hubiyay. Isticmaaluhu wuxuu u baahan yahay inuu fahmo in xog ururintu ay tahay ikhtiyaari oo ay u baahan tahay ogolaanshahooda.

4. Hubi in dhammaan Plugins-yada ay u hoggaansan yihiin GDPR^{(4. Make Sure All Plugins Are GDPR Compliant)}

Haddii aad isticmaalayso plugins dhinac saddexaad oo aruuriya xogta, sida Google Analytics , waxaad u baahan tahay inaad xogta ka dhigto qarsoodi. Tani waxay noqon kartaa mid adag in gacanta lagu sameeyo, laakiin waxaad ka heli kartaa GDPR -Plugins-ku-salaysan kuwaas oo hawshan adiga kuu maamula. Kaliya^(Just) raadi qalab leh dejinta u hoggaansanaanta GDPR .

5. Isticmaal laba-doorasho^{(5. Use the Double Opt-in)}

GDPR kama dhigayso laba ikhtiyaari ikhtiyaari ah, laakiin aad ayaa loogu talinayaa in la isticmaalo. Laba-doorasho waxay la macno tahay inaad laba jeer waydiinayso isticmaalaha inuu qirto inay bixinayaan oggolaanshaha xog ururinta. Tani waxay si gaar ah muhiim ugu tahay isdiiwaangelinta liiska iimaylka. 

Si aad ugu darto laba gaabsi, waxaad u baahan tahay inaad marka hore ogolansho ka codsato foomka isdiiwaangalinta ee shabakada. Markaa isticmaaluhu waa inuu ogolaado mar labaad isagoo gujinaya xidhiidhka ay ka helaan iimaylka.

Isticmaalka ikhtiyaari ikhtiyaari ah oo laba jibaaran waxay muujinaysaa inaad u heellan tahay ilaalinta xogta iyo sirnimada, waxayna sidoo kale siinaysaa maamulka caddayn dheeraad ah in goobtaadu tahay mid u hoggaansan GDPR.

6. Ku dar Links-yada Is-reebreebka^{(6. Add Unsubscribe Links)}

Ku dar^(Include) xiriiriyeyaasha is-diiwaangelinta si fudud loo akhriyi karo xiriir kasta oo aad u dirto macaamiishaada. Ka-saarista liiskaaga boostada waa inay noqotaa hab fudud oo degdeg ah.

7. Tirtir xogta shakhsi ahaaneed marka la codsado^{(7. Delete Personal Data on Request)}

GDPR waxay siisaa isticmaalayaasha xaqa in la iloobo. Tani waxay ka dhigan tahay inay codsan karaan mar walba in xogtooda la tirtiro. Had iyo jeer samee sida aad codsato. Tan waxaa ku jira ka saarida isticmaalayaashaada liisaska boostada, tirtirida akoonadooda, iyo tirtirida wixii macluumaad gaar ah oo aad ka hayso iyaga. Xataa qoraalada baloogga iyo faallooyinka golaha ayaa lagu tiriyaa sida xogta shakhsi ahaaneed waana in meesha laga saaraa haddii la codsado.

8. Ha iibsan Liisaska Boostada^{(8. Don’t Buy Mailing Lists)}

Iibka liisaska boostada laguma talinayo sababtoo ah waxaa laga yaabaa inaad ku xad gudubto GDPR^(GDPR) . Inta badan, ma hubin kartid in ciwaannada iimaylka lagu soo ururiyay ogolaanshaha isticmaalayaasha.

Taasi waxay tidhi haddii aad weli go'aansatid inaad iibsato liiska boostada, hubi inaad ugu yaraan ku darto xiriiriyeyaasha ka-noqoshada iimaylka kasta oo aad dirto.

U hoggaansanaanta GDPR waa u qalantaa

U fur boggaaga iyo ganacsigaaga muwaadiniinta EU adoo raacaya dhammaan tillaabooyinka kore. Ahaanshaha u hoggaansanaanta GDPR waxay u ekaan kartaa caqabad marka hore, laakiin sidaas uma adka. Inta badan waxay ku lug leedahay daahfurnaan ku saabsan ururinta xogta iyo weydiinta ogolaanshaha. Gunno ahaan, isticmaaleyaasha aan EU-da ahayn waxay arki doonaan in ganacsigaagu uu daneeyo sirta iyo ilaalinta xogta waxayna u badan tahay inay ku aaminaan.

8 Steps To Be GDPR Compliant With Your Website

In 2018, the Eurоpean Union implеmented a series of data protection reforms known as the General Data Protection Regulation (GDРR). In esѕence, GDPR rеplaced all the different data рrotection laws with a single set of rules that apрlies tо every EU state. Manу businesses had to change their policies to be GDPR compliant, howеver, despite the transition period, there’s still a lot of confusion regarding the new rules. 

So what is GDPR and how can you make your business compliant?

In this article, you’ll learn how to be GDPR compliant without having to read the dry EU data protection directive. We’ll help you understand what GDPR is and tell you what steps you need to take to make your site GDPR compliant.

What Is GDPR?

GDPR is a data protection directive in the European Union designed to protect the online privacy of EU citizens. It regulates the way personal data is used and what type of data websites can collect about you. Despite being an EU regulation, GDPR applies to all websites accessed by users from the EU. As a result, websites and businesses have to be GDPR compliant or block EU traffic.

With that in mind, here are the key aspects of GDPR that might affect your business:

• Your site has to clearly inform the visitors that their personal data is being collected.
• You also need to disclose how and why their data is collected and stored.
• If users ask you to delete personal data you collected, you must comply with the request in most cases.
• Users can also request a copy of all the personal information you store.
• If one of your business’s main activities is to gather and store personal data, you need to hire a data protection officer.
• If your website is breached and the personal information of your users leaks out, you have 72 hours to report the breach.
• Breaking the GDPR regulation can lead to fines of up to €20 million (~$24 million) or 4% of your company’s annual turnover.

The main purpose of GDPR is to protect people and their personal information from data breaches. Now the question is, what types of data fall under GDPR?

Types of Data Regulated by GDPR

Whether you built your website from scratch or used a WordPress theme, your site gathers different types of data. Websites collect information in different ways, including through analytics, WordPress forms, subscription forms, contact forms, and email marketing campaigns.

In short, all personal data falls under GDPR, but we can break it down into the following types:

• Genetic and health information.
• Biometric data.
• Political and/or religious views.
• Race, ethnicity, and gender.
• Web data such as your IP address and cookie data

As long as your business stores any of the aforementioned data of EU citizens, your site needs to be GDPR compliant. Remember that this applies even if you don’t have a presence within the European Union’s borders.

Steps Required To be GDPR Compliant

When you read about your responsibilities as a website owner you might feel overwhelmed and decide it’s easier to block all incoming EU traffic. Don’t let GDPR discourage you. Below are the main steps you need to take to be GDPR compliant.

1. Improve Your Privacy Policy

Be transparent with collecting, storing, and sharing data. Your website should contain a detailed privacy policy that clearly explains data collection practices, data protection, the usage of cookies, and data sharing. A good privacy policy should at least include the following points:

• You don’t sell your users’ private data.
• You don’t share private data unless the law obligates you.
• The types of data you collect.
• The reasons why you collect data and how you use it.
• How you protect user data.
• How your plugins collect and use data.

Be as clear as possible by using simple language that doesn’t leave any room for interpretation and you’ll have a clear-cut transparent privacy policy.

2. Create a Cookie Collection Notice

According to the GDPR, cookies count as personal data, so you need to ask your users for consent before using cookie data. Place an explicit cookie collection notice on your website and make sure you allow users access to your website even if they don’t give consent. Your users should also have an easy way of withdrawing their consent at any time.

3. Display Notices On All Website Forms

It’s standard practice to collect some user data through various types of submission forms. If you want to continue collecting email addresses and other details, post a data collection notice. Don’t gather any data before that point and without the user’s acknowledgment. Otherwise, your business could receive a hefty fine for breaking GDPR.

Be as clear as possible with your wording and offer all the important details about collecting data. You should also avoid using pre-checked tick boxes. The user needs to understand that data collection is optional and that it requires their consent.

4. Make Sure All Plugins Are GDPR Compliant

If you’re using third-party plugins that collect data, like Google Analytics, you need to make the data anonymous. This can be challenging to do manually, but you can find GDPR-compliant plugins that handle this process for you. Just search for a tool with GDPR compliance settings.

5. Use the Double Opt-in

GDPR doesn’t make double opt-ins obligatory, but it’s highly recommended to use them. A double opt-in means you’re asking the user twice to acknowledge that they’re giving consent for data collection. This is particularly important for email list subscriptions. 

To add a double opt-in, you need to first request consent through the website’s subscription form. Then the user should consent a second time by clicking a link they receive through email.

Using the double opt-in shows that you’re dedicated to data protection and privacy, and it also gives the authorities further proof that your site is GDPR-compliant.

6. Add Unsubscribe Links

Include easy-to-read unsubscribe links with every communication you send to your subscribers. Unsubscribing from your mailing list should be an easy process and instant.

7. Delete Personal Data on Request

GDPR gives users the right to be forgotten. This means they can request at all times for their data to be deleted. Always do as requested. This includes removing your users from mailing lists, deleting their accounts, and wiping any personal information you have about them. Even blog posts and forum comments count as personal data and should be removed if requested.

8. Don’t Buy Mailing Lists

Buying mailing lists isn’t recommended because you might be in violation of GDPR. In most cases, you can’t be sure whether those email addresses were collected with the users’ consent.

That said if you’re still determined to buy a mailing list, make sure you at least include unsubscribe links with every email you send.

Being GDPR Compliant Is Worth It

Open your website and business to EU citizens by following all the steps above. Being GDPR compliant might sound challenging at first, but it’s not that hard. It mostly involves being transparent about collecting data and asking for consent. As a bonus, non-EU users will see that your business cares about privacy and data protection and they’ll be more likely to trust you.

Related posts

• 10ka Goobood ee ugu Sareeya ee laga Helo Sawirada iyo Fiidyaha HD ee Bilaash ah ee Mareegtaada

• 7 Siyaabaha La Xaqiijiyay ee Lagu Kordhiyo Gaadiidka Mareegaha

• Sida loogu daro Discor Widget Websaydhkaaga

• Si deg deg ah u samee Mareeg Shakhsiyeed adoo isticmaalaya Google-ka

• Sida Loo Sameeyo Mareegtaada Twitter-ka La mid ah Adigoo Adeegsanaya Mawduuca P2 ee WordPress

• OTT wuxuu sharaxay: Waa maxay Drupal?

• 7-PDF Website Beddelka: U beddelo boggaga shabakadda PDF

• Sida foomamka Google loogu dhex daro mareegahaaga

• 3 Bot Accounts si ay kaaga caawiyaan inaad wax ka kaydiso Twitter

• Sida Loo Sameeyo Mareegtaada Wiki

• Waa maxay Domain-ka gaarka ah iyo sida loo dejiyo mid

• Sida Loo Sameeyo Sawir-gacmeedyo Weyn Fiidyahaaga YouTube

• Sida si ku-meel-gaar ah loogu oggolaado pop-ups gudaha Browserkaaga

• Mareegaha jaban oo lagu kalsoonaan karo Marti gelinta ganacsiyada Yaryar

• Sida loo wadaago oo dib loogu dhejiyo sawirada Instagram-ka

• 10ka Shabakadood ee ugu Sarreysa ee qarsoodiga ah

• Sida Loo Sameeyo Youtube Channel Art

• Waa maxay Raadinta Sawirka Gadaashiisa & Sida Loo Isticmaalo

• Sida Loo Geliyo Google Calendar ee Mareegtaada

• Sida Loo nadiifiyo Cache-ga Shabakad kasta