The new EU General Data Protection Regulation (GDPR) comes into force on May 25. While data protectionists can now celebrate themselves and think about what they can regulate even worsetighter, we simple people who just want to have a website running now have to seriously consider whether it’s even worth it.

I have to admit, data protection is not a big priority for me. In other words, the protection of my data. Your data, of course, I treat with the highest care. I want no one to pass on my personal data such as name, address, contact details, not to receive spam, whether analog or digital. That’s it. But I don’t need privacy statements on websites explaining unnecessary things to me. When I fill out contact forms, data is transmitted. Quite surprisingly. When I sign up for newsletters, I get emails. Wow. Cookies and analytics tools are useful things to make websites better. And what’s all this whining about personalized advertising? If I have to see advertising, then please show me advertising that suits me. I’m mature enough to decide for myself whether I click on it (and buy something) or not.

Further, I even find it really annoying that people and organizations in this country have the possibility to have houses pixelated on Google StreetView. What’s the point? If I were a thief, I would look for hidden objects there and select them as my next target. And anyway, how do individual states or the EU actually get the idea to legislate or regulate the Internet? The Internet is one of the greatest inventions of mankind, it belongs to everyone and is independent of borders, whether geographical or in the minds. But hey, you (German government, EU) already screwed up with net neutrality!

Back to the General Data Protection Regulation

So now, for me, that means I have to do something. I have a website. I am a German citizen and my site is located on a server in Germany. -These are already 3 very bad conditions. My website stores cookies. I use a code to evaluate how my website is visited via Google Analytics and where improvements are needed. I have a contact form. Depending on the comment, profile pictures from Gravatar, Facebook or Twitter can be displayed. From time to time I recommend articles on Amazon. This already makes my website no longer a “private” one, but a “commercial” one. Surely I have much more privacy-relevant on this page, which I just did not even think of.

Until my first link on to Amazon, it was previously true that I do not even need an imprint, one page to contact me was enough. That’s over now, I definitely need an imprint and a page called privacy. Both must always be visible and reachable. Fortunately, I don’t have a webshop on my site. What else I need to do I’ll figure out and implement reluctantly.


I will update this article after each action is performed and list them here. (without translation)

  • Stand 06.03.2018
    • Keine Maßnahmen
  • Stand 07.03.2018
  • Stand 08.03.2018
    • ADV-Vertrag für Google Analytics per Post nach Irland geschickt
  • Stand 28.03.2018
    • Erneut mit der installation des SSL-Zertifikats bei Netcup gescheitert
    • Webseite zu Siteground umgezogen
    • SSL-Zertifikat installiert
  • Stand 20.04.2018
    • Aufgrund meiner Unzufriedenheit mit dem Abrechnungsintervall bei Siteground die Webseite nochmals auf ein neues Webhosting-Paket bei Netcup umgezogen
  • Stand 25.05.2018
    • Auf die aktuellste WordPress-Version aktualisiert, um die Möglichkeit zu haben, Nutzerdaten gemäß der DSGVO exportieren und löschen zu können
    • Hässlichen Cookie-Banner eingebunden – man weiß ja nie