Updated: June 11, 2018
Review all of your third party service providers (e-mail service, social share plug ins, etc) to make sure they have addressed GDPR.
Make sure your email opt ins have a checkbox to click for subscribers to express consent. It cannot be pre-ticked.
Wherever you collect email addresses, make sure you use easy to understand language regarding what you plan to do with the email addresses. For example:
“I consent to receive emails about: ___________”.
Update Google Analytics privacy settings to anonymize their data. GA has instructions on how to do this. If you use the Webkinder Analytics plugin that Scrivs uses, you can simply check the anonymize traffic checkbox.
Comments and contact forms will also need a check box if someone is required to enter their personal information. Check the service you are using to see if they have made the appropriate updates.
If you are selling products, you can only collect necessary data and use a disclaimer box at checkout to let them know how you will use that information. Do not store e-mail addresses collected at checkout and use it to market to the customer without explicit consent.