Getting GDPR Compliant

If you’ve been following digital privacy news lately, you’ve probably heard of GDPR (General Data Protection Regulation) and know that it’s going into effect. I’m loosely aware of it, but understand enough to know that it affects both websites of organizations based in the EU and websites that collect info from EU citizens.

But wait! This does in fact have something to do with writing (a little). Because this blog is both a record and instrument of my adventures in writing, I think it’s appropriate to write about any and all topics that affect this journey.

That sentence should make it clear that I’m not a lawyer or digital privacy expert—so don’t read this as legal advice or a guide to best practices. It’s just what I’m doing to try to make sure this blog complies with international law.

Note that I’m not trying to be dramatic! These regulations are primarily about the information websites collect from/about visitors, so I believe they were largely written with big organizations and social media in mind. On this blog, I’m not aiming to collect a ton of information—just share this adventure and the occasional insights with those who are interested.


The Internet is all about data. By simply visiting, your device is sharing your IP address with the server hosting this website. And while I personally don’t do anything with that data, the GDPR still regulates how it can be used (and what EU citizens can do with it). You can read all of that on the official website.

Right now, the blog/I only collect data when someone posts a comment. Before you post, you’re required to input a name and email address (and optionally, a website). When you do, that data gets stored in order to show the comment (your name gets displayed above your comment—your email doesn’t). With GDPR, you as a commenter would need to explicitly give the blog/me consent to store that data (such as checking a checkbox that grants permission).

Posting a comment seems like an obvious example of someone granting permission at first, but you may not realize that your email remains stored, and is associated with that comment. GDPR is meant to offer users more transparency and control when it comes to that kind of data, so you can decide how it gets used.

For example, down the line, I’m thinking of creating a newsletter mailing list. With GDPR in effect, everyone I put on that list would need to give explicit permission, confirming that they’re signing up to receive those kinds of emails. I couldn’t, for example, create some sort of giveaway asking for email addresses, and then proceed to email those people my newsletter. Or go through a list of comments on this blog and add all the email addresses of commenters (not that I would do that). And when people sign up and grant permission to use their emails for just that newsletter purpose, I couldn’t turn around and sell that list to another party (again, not that I would do that in the first place).

Things like buying and selling mailing lists and using giveaways to collect people’s information are common marketing tactics. But the digital environment has exponentially increased the number of entities who have access to that information—and therefore, the number of ways it could be accessed by parties who don’t have permission to use it.

The official GDPR website says, “​The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world …”. All this may be inconvenient (and boring (and inconsequential for a small-time writer’s blog)), but ultimately, it’s meant to help all of us (well . . . people in the EU) secure the digital parts of our lives. I don’t think I even have EU visitors, but I’m on board with the underlying principles.

So. What am I going to do about it? Well, I need to create a privacy policy that explains how I use visitors’ data. I’m also trying to find a WordPress plugin that lets commenters know the site will store some of their data. And going forward, I’ll be sure to be super clear if the newsletter mailing list ever comes to fruition (not to mention continue to monitor relevant sites for more information on how these regulations *specifically* impact bloggers).

Note: James T. Kelly’s posts “GDPR for Indie Authors” and “My GDPR Journey” were an immensely helpful resource in researching/navigating this topic. Thanks, James!


Let’s talk a little about inspiration for this blog. When I started it, my biggest motivator was Lunar Eclipse being published, and wanting to have a writing-focused web presence. (This website/domain was previously my online portfolio.) I knew I could’ve spent forever coming up with a “strategy” and/or writing posts before going live, but the story’s publication date wasn’t going to move. Since I wanted to have something ready when the story got published, I jumped right in without much of a plan.

And here we are, several weeks after Lunar Eclipse’s pub date, and I feel rather in over my head. But it’s been a great in one area in particular: I’m writing more regularly. Even though the first few posts had two or three weeks between them, I’m now more into the groove of posting every week. Around this time last year, I used Splickety’s monthly prompts to get myself to write on a monthly basis (and it mostly worked!). So it’s nice to have this as a motivator to post something not just every month, but every week.

The key word there being “something.” Right now, posts have run the gamut from flash fiction pieces to a list of favorite books to thoughts about this website to podcast links. There’s definitely a writing theme, but not much else tying things together.

I’ve realized that my issue is less about the content of posts, and more about the purpose of this blog/site. I think that once I identify that, I’ll have a better sense of what to post about. And even though I’m reluctant to pick one, I think the point of this blog (at the moment at least) is chronicling my journey of taking my writing more seriously and developing my stories/projects.

My biggest inspiration for this is Jason Brubaker’s reMIND blog (there’s also an inkling of post about this). While he was releasing his graphic novel online page-by-page, he also posted about the process itself — website hosting, advertising, coloring, printing, running a Kickstarter, etc. It was super insightful! And I think that’s what I want to do with this.

It sounds rather meta, but it’s the approach that most intrigues me. I do still want to include posts about things that I find inspiring, or progress I’m making on projects (assuming consistent forward progress). And I’ll definitely post about published pieces as/if they come along. But since this is still a work-in-progress (and I have so few readers!) I think there’s plenty of room to experiment and course-correct as things evolve. So let’s go.

Short Story Ruminations

Even though I’d like to write longer fiction somewhere down the road, these days most of my creative writing is flash fiction. And since not all of them will be published (see “The Bard’s Blessing” from last week), I’m wondering if there’s any value to recording them here for posterity.

If I do, there are a few ways to go. At <1,000 words, flash fiction lends itself very nicely to blog post content. And that means a potentially deeper well to draw from every week (instead of scraping the metaphorical barrel for topics). One disadvantage of this is them likely getting lost among other posts, though this could be addressed with the Flash Fiction tag.

On the other hand, this particular WordPress theme has a full-width page template. It offers a nice, uncluttered layout — ideal for reading stories. But if I go this route, there’d need to be some directory or other way to access them. And if I listed them all on the Stories page, it could start to fill up really quickly. Maybe a dedicated Flash Fiction page would be the way to go…

At any rate, I don’t need to make that decision for a few weeks yet. This site, like my creative writing career as a whole, is still in its early stages. There’s plenty of time to prototype, get feedback, and refine. What say you?