GDPR for Artists: Is Your Website Compliant?
GDPR for artists

GDPR for Artists: Is Your Website Compliant?

An overview of how artists can ensure their sites are GDPR-compliant, and a look at the tools and features we’ve created to make this process easier.

 

The General Data Protection Regulation (GDPR) will be implemented on May 25, 2018, and in order to be compliant, artists will need to make a number of critical changes to their websites.

For those who don't already know, let us first be clear:  It does not matter where your business is located -- whether in the US, Canada, Australia, or within the European Union.  GDPR still affects you and you need to be compliant if you want to market and sell to consumers within the European Union.

If you are not compliant, you could be subject to major fines from the European Union.

Well, the artists and photographers on our platform regularly do business with international clients within the European Union.  As such, there is no possible way that we could put our customers in a position where they would literally have to block traffic from all European consumers, just to be compliant.  

Forcing them to have to block an entire continent of traffic -- which is what you have to do if you are not GDPR compliant to ensure that you avoid fines -- would diminish a big part of the value of having an art gallery website.  There's just no way we could let that happen.  

Therefore, helping our customers become GDPR compliant before the deadline became an absolute priority.

So, as part of our on-going commitment to provide the best technology for displaying and selling art online, and to coach and assist artists in all things related to their art business, we've made some key updates that will help make GDPR compliance much easier to manage.

For a complete, in-depth look at what ASF has done to become GDPR-compliant, the tools ASF provides its artists and photographers to become GDPR-compliant, and a list of steps you need to take to become GDPR-compliant, go here.

Now, let's run down 4 of the most important aspects of GDPR for fine artists and photographers. Along the way, we'll share the tools and features we've added to our platform to make these changes easier on our customers. 

1. Consent to Cookies

One primary element of GDPR is that you must now get consent to use cookies on your website.

A cookie is a small piece of text that your website sends to your visitors' browsers. Cookies help your website remember information about your users – this is essential to making the web an easy-to-use place.

If a customer likes a piece of your art and adds it to their cart, they can come back later in the day to purchase it and that item will still be in their cart, waiting for them.

Cookies make this possible.

When you show a site visitor your lead capture tool and they opt-in, the next time they visit your site, they won't see that lead capture tool again, because it has already done its job.

Cookies make this possible.

Now, you must get consent from each site visitor before cookies can be used. 

To address this, we offer two approaches:

1. The "hard" approach - which prevents a visitor from doing anything on your site until they accept the cookies. Without knowing the severity of penalties that could come down on small businesses that violate GDPR, we are recommending this approach to our customers. Here's what it looks like:


2. The "soft" approach - which continually asks for the visitor to accept cookies (it loads on every page) until they do, but allows them to peruse your site at the same time. Here's what it looks like:


Both of these options include default language that you can use immediately.

We also save the date of when the visitor accepts the cookies, so that you have a record of them doing so.

2. Fulfill Information Requests from EU Residents

With GDPR in effect, you must provide a copy of all personal data collected to any EU resident that requests it. 

This can be incredibly burdensome on a small business owner.

To make this process simple, we built in a button that allows you to immediately email a file that contains all personal data collected, directly to the person requesting it. Done!

3. Automated Visitor Tracking (On and Off)

When it comes to visitor tracking, you may be familiar with our amazing analytics tool called Detective.

If the visitor is an EU resident, we wait for cookie consent before Detective becomes activated.

Furthermore, if someone revokes their decision to accept cookies, we stop tracking immediately.

4. Privacy Policy Updates

We have rewritten and republished a very clear Privacy Policy for Art Storefronts, written in plain English, and you should do the same for your business. 

Your Responsibility

securing website

No business -- Art Storefronts included -- can make your business GDPR compliant for you.

This is something you have to do on your own, as it requires behaving on an on-going basis according to the standards set forth by GDPR.

However, by providing you tools to manage your business within GDPR standards, we can make this substantially easier for our customers.

This all stems from the same artists-first philosophy that drives all aspects of our business. It is the reason we continue to release cutting-edge features, and it was the reason we rolled out HTTPS certifications to our entire platform well before the deadline in 2017. 

The GDPR features mentioned above are included in all plans for all customers.

For customers: For a more in-depth look at these features, including where to find them in your site manager, visit the full knowledge base article.

For everyone else: We coach and advise our members on all aspects of the business of selling art online. Request a Demo to learn more about what Art Storefronts can do for your art business » 

Popular Posts