September 2023: This document lists the steps taken by This Website (coinandbullionpages.com) in order to achieve GDPR compliance:
Read and the full text of the very complicated 261-page GDPR legal document (available here https://gdpr-info.eu/ ) DONE
Upload latest compliance roadmap (this page right here) to all websites. DONE
Update privacy policy. DONE
Update cookie policy. DONE
Provide way for visitor to view the cookies used. (Cookie-checker.com) DONE
Create and send privacy and information security tutorial to virtual assistants, training them in best practices for making sure info stays secure; make sure they have all read and signed. DONE
Deleted 10 of my websites because it would be easier to just scrap the least commercially successful projects than to make them compliant. DONE
Change Youtube embed code on all web pages that contain Youtube videos (many hundreds of articles!) and put in new code that has the ‘enhanced privacy’ option from Youtube selected, that uses youtube-nocookie.com DONE
Study and implement best Adsense practices for not sending Personally Identifying Information:
https://support.google.com/adsense/answer/6156630 DONE
Replace method=”get” with method=”form” on all websites (for example in search boxes) and in all code on backup versions of sites. DONE
Audit Google Analytics to check that PII is not being collected / passed to Google via URLs, page titles and other data dimensions. DONE
Deleted Facebook tracking pixels and custom audiences completely DONE
Remove Facebook “like” plugin (embedded code) from all pages and replaced it with ‘ordinary’ html banner. (“If you embed a Facebook like button and Facebook loads their scripts into YOUR site then it is YOUR responsibility to make sure Facebook is compliant with the law.”) (wow) https://news.ycombinator.com/item?id=16792441. DONE
Delete Google Analytics completely and replace with non-tracking analytics option (Plausible.io). DONE
Update all Aweber forms to clarify what is being consented to and give clear instructions on how to opt out either using unsubscribe link or manual request. DONE
Implement a GDPR compliant way to ensure that Adsense does not track users / remove ad personalization possibilities. IN PROGRESS – WAITING FOR ANSWERS FROM GOOGLE ON HOW TO DO THIS. Commentary here https://pagefair.com/blog/2018/googles-nonpersonal-ads/