One primary element of GDPR is that you must now get consent to use cookies on your website.

A cookie is a small piece of text that your website sends to your visitors' browsers. Cookies help your website remember information about your users – this is essential to making the web an easy-to-use place.

If a customer likes a piece of your art and adds it to their cart, they can come back later in the day to purchase it and that item will still be in their cart, waiting for them.

Cookies make this possible.

When you show a site visitor your lead capture tool and they opt-in, the next time they visit your site, they won't see that lead capture tool again, because it has already done its job.

Cookies make this possible.

Now, you must get consent from each site visitor before cookies can be used. 

To address this, we offer two approaches:

1. The "hard" approach - which prevents a visitor from doing anything on your site until they accept the cookies. Without knowing the severity of penalties that could come down on small businesses that violate GDPR, we are recommending this approach to our customers. Here's what it looks like:

2. The "soft" approach - which continually asks for the visitor to accept cookies (it loads on every page) until they do, but allows them to peruse your site at the same time. Here's what it looks like:

Both of these options include default language that you can use immediately.

We also save the date of when the visitor accepts the cookies, so that you have a record of them doing so.

With GDPR in effect, you must provide a copy of all personal data collected to any EU resident that requests it. 

This can be incredibly burdensome on a small business owner.

To make this process simple, we built in a button that allows you to immediately email a file that contains all personal data collected, directly to the person requesting it. Done!

When it comes to visitor tracking, you may be familiar with our amazing analytics tool called Detective.

If the visitor is an EU resident, we wait for cookie consent before Detective becomes activated.

Furthermore, if someone revokes their decision to accept cookies, we stop tracking immediately.

We have rewritten and republished a very clear Privacy Policy for Art Storefronts, written in plain English, and you should do the same for your business. 

No business -- Art Storefronts included -- can make your business GDPR compliant for you.

This is something you have to do on your own, as it requires behaving on an on-going basis according to the standards set forth by GDPR.

However, by providing you tools to manage your business within GDPR standards, we can make this substantially easier for our customers.

This all stems from the same artists-first philosophy that drives all aspects of our business. It is the reason we continue to release cutting-edge features, and it was the reason we rolled out HTTPS certifications to our entire platform well before the deadline in 2017. 

The GDPR features mentioned above are included in all plans for all customers.

For customers: For a more in-depth look at these features, including where to find them in your site manager, visit the full knowledge base article.

For everyone else: We coach and advise our members on all aspects of the business of selling art online. Request a Demo to learn more about what Art Storefronts can do for your art business » 

What Next? Check out these hand-picked related posts:

• ​How to Retain Your Google Analytics Data When GDPR Takes Effect
• Do Artists Still Need Websites?
• Why You No Longer Need an Art Marketing Consultant