Wednesday, May 16, 2018

335 How to Use Facebook Ads to Grow Your Blog in Five Steps

Do you want to use Facebook ads to grow your blog?

Are you afraid you'll be throwing money down the drain?

In this post, I will share five steps that will simplify the process for you.

Listen to the episode

My Facebook ad mistakes

We've all heard how great Facebook ads can be for driving traffic and getting sales.

I know I did. So I decided to give it a try.

spend much

Spending for ads with no ROI was a BIG mistake

I started posting things on my Facebook page and boosting it. And you know what? I got more visibility.

More people were seeing my content. Isn't that exciting? NOPE!

Because the REAL result was that I spent money and had no return on my investment (ROI).

In essence, I was paying Facebook to build Facebook. Now that's just dumb!

Then I got a little smarter. I decided to run Facebook ads to my sales page.

The problem – I spent a lot of money and got no sales. I was targeting the wrong people in the wrong way.

So I did what most bloggers do when they see money going down the drain – I turned off the faucet.

That was the end of my Facebook ad experiment.

Studying the best

Fortunately, that was not the end of the journey. You see, for the last 4 years, I've been working with the Social Media Marketing Society.

I'm now the head of training. This means that I get to work with the brightest social media marketing minds.

I help them refine their training so that they can give our members their very best.

And as a result – I've been able to learn the best techniques for using Facebook ads effectively.

And what I'm going to do is distill that down for you so that you can get started on the right foot.

So let's do this…

Start with your strategy


Start with your strategy. Ask questions.

Before we even get into running the actual ads, we need to talk about your business strategy.

There are three questions I'd like for you to answer first:

  • What is the end goal?
  • Who is my ideal customer?
  • How do I get them from where they are to where I want them to be?

What is the end goal?

Why are you running ads in the first place? Is it to grow your Facebook page (wrong answer)? Is it to get visitors to your site (ok


end goal gain customers

Your end goal – gain loyal customers and advocates for your business.

I'll tell you what your answer should be – to gain loyal customers and advocates for your business.

These are the people who love what you do, buy your stuff and share you with the world.

Getting these kinds of customer advocates starts with:

  • Creating Value
  • Helping them solve their problems
  • Helping them achieve their goals

Who are your ideal customers?

First of all – are they on Facebook? The answer is most certainly yes.

target facebook customers

Identify target customers. Are they on Facebook?

What kind of content do they engage with on Facebook related to your niche? This can be tricky to determine. But there are a few things you can do to determine this:

  • Analyze successful Facebook pages in your niche. What kind of content are they sharing? What kinds of posts do their followers engage with the most?
  • Join active Facebook groups in your niche. What are the members sharing? What kinds of posts, images, and videos?

Finally, another important question to answer is – what are they struggling with? THIS (along with what you find from the pages and groups) will be the key to attracting their attention.

Getting them to convert

The process of converting strangers into advocates is NOT a one-step process. It's done in a series of steps, with the key being a growing relationship built on providing value.

In fact, I illustrate that point in the following video:

Don't be like me in that video. Take people down all the stages of the funnel.

Those stages are awareness, familiarity, consideration, purchase, loyalty and THEN advocacy.

The best way to look at Facebook ads is a journey through the first four phases of that funnel.

Loyalty and advocacy will be the result of providing tons of value to your customers consistently over time.

Now that we've spoken about those foundational concepts, let's dive into the ads.

Step 1: Prepare your blog

Facebook Pixel

Download the Facebook Pixel on your blog.

Before running any ads, it's important to install the Facebook pixel on your blog. This is a piece of code that Facebook gives you to add to your blog. Once added, Facebook can track how its users interact with your blog.

This will be important for you to be able to track how your ads are working. It will also give you the ability to remarket to those people (more on this later).

To do this:

  • Go to the Facebook Ads Manager.
  • Click on “Create a Pixel”.
  • Name your pixel (name of your blog) and click “Create”
  • Add the pixel to your blog. You can do this using your theme settings or the “Insert Headers and Footers” WordPress plugin.

Here's a video to show you how to do that:


Once you do this, Facebook will start tracking your visitors. Whether you're running Facebook ads now or not, you should do this.

That will allow Facebook to start collecting that data for you to run ads in the future.

Step 2: Create custom audiences

A custom audience is an ad targeting option that lets you find people who have done certain things. Why do you want to create custom audiences?

Because it gives you the ability to target people who have shown their interest. If someone visits all your posts about the Instant Pot (for example), it would be smart to show them an ad for your Instant Pot course.

Here are a few custom audiences I would recommend for you to create:

  • People who have visited your blog
  • People who have visited your landing pages (opt-in and sales pages)
  • People who have subscribed to your email list.
  • People who have bought your products
  • People who have engaged with your content on Facebook (especially videos)

Here's a video to show you how to do that:


Whether you use these custom audiences now or not, they are good to have.

Let Facebook start collecting that data so that you can use them when you are ready.

Step 3: Create your funnel

Blog sales funnel

Blog sales funnel

This is where the magic happens. It's where you convert casual visitors into customers.

There's a lot to say about creating funnels. In fact, I said a whole lot in my episode on creating blog sales funnels.

I cover three specific plug-n-play funnels there. Choose one and set it up.

In an ideal situation, you will be able to use that funnel to determine the value of each lead. For example, if you get 100 people to signup to your list and 10 by your $37 product, you made $370.

That would mean that each lead would be worth $3.70. You now know that you can spend up to $3.69 on each lead and still turn a profit.

That's powerful information. But that will come over time. For now,  just create the funnel.

If you're new to this, I recommend creating separate landing and thank you pages for your ads. That will make it easier to track conversions from those ads.

Step 4: Create your ad

Create your ads

Create your ads

It's time to start driving that paid traffic to your blog. Depending on how you set up the funnel, you will be driving traffic to a post or landing page.

Here are the steps:

  • Go to your Ads Manager
  • Click on “Create Ad”
  • Choose an “Ad Objective”. I recommend starting with traffic and experiment with others over time.
  • Define your audience. You have a few choices here. You can choose one or more of the relevant custom audiences you created. You can specify relevant pages whose followers you'd like to target. You can also specify demographic information.
  • Set your daily budget (self-explanatory).
  • Create the actual ad. You get to choose the ad format (single image, video, carousel, etc). Add compelling copy to the headline and text and select the call to action button.
  • Once you've done all that, click confirm.

Once you've done all these four steps, the real work begins, which is step 5.

Step 5: Monitor and tweak as needed

If you thought your Facebook ads would be a “set it and forget it” system, you were wrong.

Split tests

Run split tests to improve the effectiveness of your ads

This is an ongoing process of monitoring and tweaking.

How much are you spending to get subscribers? This will tell you how well it's working. If your subscribers are worth $2 and you are spending $3 to get them, it's not worth it.

You can track these numbers in a few ways:

  • If you want to keep the setup simple, have separate landing and thank you pages for your Facebook ads.
  • If you want to get fancy, you can setup custom events on Facebook. This involves adding more code and is a bit more advanced. But it's better for tracking conversions. I'll have to cover this in more detail in a future post.

You can also run split tests to improve the effectiveness of your ads. And of course, you can try different formats like videos vs images vs carousel.

There are many ways to run ads. What works for me may not work for you.

The important thing is to set it up right and then keep testing.

Eventually, you'll reach a point where your ads are performing the way you want them to. That's when the magic happens. Your blog becomes like an ATM machine. You put your card in and pull the money out.

Your turn

Now I want to hear from you. Are you running ads to your blog? If so, how are they going for you? If not, do you plan on starting?

Let me know in the comments area below.

Resources Mentioned


Facebook Ads Grow Your Blog in Five Steps

Infographic: How to Use Facebook Ads to Grow Your Blog in Five Steps

The post 335 How to Use Facebook Ads to Grow Your Blog in Five Steps appeared first on Become A Blogger by Leslie Samuel.


Wednesday, May 9, 2018

What the Heck is GDPR? (and How to Make Sure Your Blog Is Compliant)

Ever get that feeling that something’s just waiting to bite you on the ass?

A disturbance in the force that you just can’t put your finger on?

You’re sure it’s not your anniversary?

Your kid’s piano recital?  

Maybe it’s the cable bill.


You can’t place what it is, but something’s waving a red flag.

For bloggers, that brain worm might just be the GDPR.

Niggling away at you like an unscratchable itch.

In a way, that’s good: You know enough about GDPR to be worried.

But in case you’re in the category of “blissfully unaware,” we’ll take a look at what the GDPR is all about.

And why it absolutely CAN affect you and your blog.

Disclaimer: I’m not a lawyer. The information below is absolutely not legal advice. But it might just save you a ton of worry and expense.

GDPR 101

GDPR is currently taking Europe by storm.

It’s the General Data Protection Regulation — a new data privacy law being introduced by the European Union — and it’s a bit of a game-changer.

It comes fully into force on May 25, 2018.

Yep, that looming deadline might just be lighting up your radar.

It affects people across the globe, not just in Europe. And some forward-thinking folks have been working on preparing themselves for the last year or two.

Well done them. Straight to the top of the class.

But the truth of the matter is that many people have been just the slightest bit “mañana, mañana” about the whole thing.

Now that the countdown can be measured in days, some people are getting a touch, well, panicky.

It’s like that school assignment that you had a year to write.

Here you are, “T-minus-one and counting,” and you’re staring at a blank page.

And that’s due, in no small part, to the fact that GDPR appears complex, and there are still some gray areas.

We are all struggling to interpret some of the details of the regulation.

But some things are clear — so in case GDPR is entirely new to you, let’s hit the basics.

The Five GDPR Basics You Absolutely Must Know

  1. It applies to anyone who processes “personal data” — Most obviously, that’s things like names, email addresses and other types of “personally identifiable information”;
  2. It creates significant new responsibilities — If you process personal data, you are now truly responsible and accountable for its security and the way it is used;
  3. It has a global reach — It might be an EU law, but it can apply to anyone, regardless of their location;
  4. It doesn’t just apply to traditional businesses — The principles are concerned with what you do with other people’s data, not who you are or why you do it;
  5. There are eye-watering fines for non-compliance — up to €20 million ($24m) or 4% of global revenue, whichever is higher.

So the GDPR’s scope is surprisingly wide-ranging. It could easily apply to you.

It gives data regulators powers to apply unprecedented financial penalties.

And crucially, it’s becoming extremely high-profile. The Facebook/Cambridge Analytica scandal alone has elevated the subject of data privacy to mainstream debate.

So it’s worth spending a little time to try to understand the key principles that the GDPR is attempting to achieve.

The Six GDPR Core Principles

The central principles of the GDPR are not new.

They expand on existing European Union data protection regulations, and most folks might generally consider them to fall into the category of “quite a good idea, really” (from the consumer perspective, at least).

So let’s break them down one by one.

Principle #1: Lawfulness, Fairness and Transparency

You must process personal data in a way that is lawful, fair and transparent.

“Lawfulness” has a specific meaning under the GDPR. There are six legitimate, lawful grounds for processing personal data. You must satisfy at least one of these six criteria before your data processing is “lawful.”  

The first and most obvious lawful basis for processing personal data is consent — that is, where the individual has specifically agreed (usually via one or more checkable boxes) that you may use their data in a specific way. More on consent later.

The majority of the other lawful grounds will be less relevant to bloggers. They include situations where it is essential for you to process personal data to fulfill a contract with the consumer, or if you are required by law to collect specific data (such as information required for tax records).

But the sixth and final lawful basis is relevant:

It can be lawful to process personal data without the individual’s consent if it is in your legitimate interest as a Controller to do so.

This is the subject of heated debate — because it appears to provide a convenient catch-all for controllers. (More on controllers later, but assume for now that the controller is you!)

Well it’s certainly not that, but it is an acknowledgement that data privacy is not absolute.

There should be a balance between the individual’s right to data privacy and the controller’s legitimate interest in running their blog, business or whatever.  

“Legitimate interest” is most likely to be used where consent is not appropriate or feasible.

Examples might include:
  • Storing IP addresses in server logs for the detection and prevention of fraud.
  • Using non-privacy-intrusive cookies (such as Google Analytics).
  • Storing personal data in backups to allow a blog to be restored following a technical issue.

These scenarios highlight that in some situations (such as preventing fraud), consumers must not be permitted to prevent processing. In others, it would simply be unworkable to try to gain consent in advance.

It will typically apply where your data processing involves minimal risk or impact to the individual’s privacy, and it is of a type that the individual might reasonably expect you to undertake.  

That said, we can be clear that “legitimate interest” is not:
  • Carte blanche to do whatever you fancy without consumers’ knowledge.
  • A justification for collecting data that you know full well your consumers would not consent to.

Those scenarios would not be lawful, fair or transparent.

Anyone planning to rely on the “legitimate interest” lawful basis will need to familiarize themselves with the detail of the regulation because there are specific requirements, such as the need to conduct a Legitimate Interests Assessment.

“Fairness” is not specifically defined in the regulation, but on any definition it overlaps significantly with lawfulness and transparency.

All of the regulation guidance suggests that fair processing involves ensuring that it does not have any unjustified adverse effects on the individual, and that data is used in ways that the individual might reasonably expect, given your relationship with them.

In short, if you are being open and transparent about how you process data, then you will almost inevitably being processing it “fairly.”

Examples of unfair processing might include:
  • Deceiving consumers about your real identity.
  • Attempting to hide the true purpose of your data processing behind swathes of small print or unnecessarily formal legal language.
  • Trying to hoodwink consumers in any way into providing their data.

“Transparency” is a fundamental and recurring theme throughout the regulation. You are expected to be conspicuously open and honest about what data you collect and what you propose to do with it.

More on transparency later.

Principle #2: Data Is Only Used for Specified, Legitimate Purposes

You must only use personal data for the specific purposes that you have declared.

Closely related to the concept of transparency, this principle demands that you may not collect data for one purpose, and then go on to use it in a different way.

Let’s take the example of a “Sign Up to Receive This Free Report” offer.

On the face of it, the individual is providing their email address so that you can send them the report. That’s it.

You cannot then add their email to your mailing list and send them other promotional material unless you’ve made it clear at the point of sign-up that that’s what you intend to do.

Principle #3: Limited to What Is Required to Achieve the Stated Purposes

You must collect only the minimum amount of personal data required to achieve your stated objective.

This is the concept of data minimization.

If you collect personal data to allow you to send blog notifications by email, then the minimum information you require is an email address. “Name” is probably fine too (for the purpose of personalizing your emails), but collecting anything else could be seen as excessive.

So if, in the same scenario, you also collect cell phone number, gender and age, then you need to be very clear why that information is necessary to allow you to send blog notifications.

Principle #4: Accurate and Up-To-Date

You must take all reasonable steps to ensure that any data you collect is accurate and kept up-to-date.

The risks to individuals’ data privacy are clearly increased where that data contains inaccuracies. Incorrect email addresses are a prime example of where other personal data can be inadvertently disclosed or leaked.

You are therefore obliged to address data inaccuracies without delay — incorrect data must be rectified, or deleted.

In practice, if someone contacts you to update their email address, you should take action on it without undue delay.

But being proactive is also important — for example, if you are getting regular bounce-backs from addresses on your mailing list, then this should be telling you something. Periodically checking your list and removing bounced addresses is highly recommended.

Principle #5: Time Limited

You must only hold personal data for as long as is required to achieve the stated objective.

It’s central to the concept of fairness that data is not retained for any longer than required to achieve the purpose for which you collected it.

Data retention also has implications for accuracy. If you’re still storing customer address data that you collected five years ago, the chances are that a significant proportion of that stale data is now inaccurate.

Principle #6: Data Must Be Processed Securely

You must process personal data in a way that ensures appropriate security.

The security of the data you hold is clearly pivotal to the whole objective of the GDPR. You are responsible for ensuring that there exist appropriate technical and organizational measures to protect against unauthorized access, loss, alteration and disclosure.

That said, you’re not expected to be Fort Knox.

But you are expected to take steps that are proportionate to the sensitivity of the data that you collect, and the risk to the individuals concerned were the data to be lost or disclosed.

Basic precautions would include:
  • Not storing consumers’ data on a portable device like a smartphone (especially if you’re the type who regularly leaves it in a cab on a Friday night).
  • Never sharing system login details with others.
  • Password-protecting any office files that contain personal data.
  • Using encrypted (https) connections for your blog (while this isn’t specifically required by the GDPR, it’s an all-around good idea).

That’s obviously not an exhaustive list, but you get the point.

All of the specific requirements contained within the GDPR are based upon these six principles.

By keeping these principles in mind, you should never deviate too far away from what the GDPR expects from you, even if you’re not an expert in the details of the regulation.

The problem is, there’s a certain amount of GDPR misinformation doing the rounds too.

Warning: Beware of These Three Dangerous Myths about GDPR

GDPR is new, and there’s a huge amount of speculation about how it will be applied in practice.

So let’s deal with some of the emerging myths.

Myth #1: I’m Not Based in the EU so It Doesn’t Affect Me

Don’t be fooled. That’s not the point.

The regulation protects consumers within the EU, regardless of where in the world the person who collects their data is based.

Anyone who runs a blog that is available to consumers within any of the EU Member States is potentially affected.

There are subtly different rules for controllers outside the EU, but regardless of whether you operate out of London, Milan or New York, GDPR needs to be on your radar.

At the very least, you will need to take an informed position on the subject, and that means having a plan.

Myth #2: I’m a Blogger, Not a Business, so It Doesn’t Apply

A swing and a miss.

While there are some provisions aimed specifically at organizations, the core accountability applies to anyone considered to be a “Data Controller.”

A Data Controller is the person responsible for “determining the purpose” of processing.

And it can be anybody — an individual or a business.

Long story short, if you are the person who decides to collect the data, or decides what data is collected and why, then you are a Data Controller — regardless of whether you are operating as a business in the normal sense of the word.

Bloggers. Micro-businesses. Non-profits. Charities. Hobbyists.

All potentially covered.

I’ll get into why I say “potentially” later.

Myth #3: There’s an Exemption for Anyone with Fewer Than 250 Employees


I’ve seen this one doing the rounds a lot, and it’s based on a very lazy interpretation of the rules.

If you process personal data and have fewer than 250 employees, you may have an exemption from one very specific administrative reporting requirement.

It is absolutely not a general exemption.

GDPR can apply if you have no employees at all.  

Four Common Blogging Activities That Could Put You in the GDPR Firing Line

As a blogger, you might feel that you’re not in the habit of collecting people’s personal data.

From there, it’s a very short walk to convincing yourself that GDPR is not your concern.

But think again — there are a number of very common blogging activities that can put you in the GDPR firing line.

#1. Collecting Email Addresses

Without doubt, this is the clearest scenario in which the GDPR can apply to bloggers.

Sure as eggs is eggs, names and email addresses are personal data.

If you invite people to give you this information — such as on a mailing list sign-up or via an online contact form — then you have a responsibility for that data.

As we’ll see later, this doesn’t of itself guarantee that the full force of the GDPR will apply, but it does mean that you are potentially affected.

#2. Using WordPress (or Another Content Management System)

Don’t misunderstand me, I’m a big fan of WordPress.

One of its biggest selling points is just how much it does for you straight out of the box.

But that can be a double-edged sword — would you know if WordPress was collecting/processing personal data in the background?

Possibly not.

Well it can, and it does:

  • With blog commenting enabled, WordPress will by default require all commenters to submit their names and email addresses before they can comment. This is personal data.
  • WordPress will set web cookies for anyone who logs into your site or submits a comment. The GDPR specifically states that cookies are potentially personal data.
  • All plugins that you install on your WordPress site give you additional functionality (that’s why you use them) — and every one of those plugins has the potential to collect personal data.

#3. Using Any Type of Web Tracking or Profiling

Use the Facebook pixel for tracking page views and conversions?

Track who opens your MailChimp or AWeber campaign emails?

Use Google Analytics to understand web traffic?

Each of these, to one extent or another, involves profiling the behavior of identifiable individuals, and is potentially within the GDPR’s remit.  

#4. Using a Web Host That Logs Visitors’ IP Addresses

It’s extremely common practice for your web server to record, in its server logs, the IP addresses of anyone who visits your blog.

Now there’s nothing the matter with that, because it can actually help to protect against malicious attacks and unauthorized access.

But IP addresses are personal data as far as the GDPR is concerned.

So, while you might not consider yourself to be actively collecting personal data, there’s a very good chance that, in reality, you are.

How Some Bloggers Can Dodge the GDPR Bullet

We’ve already seen that the core factor in determining whether the GDPR applies to you is whether or not you process personal data. It what the GDPR calls the “material scope” of the regulation.

But that’s not the only consideration.

We also need to consider what the GDPR calls “territorial scope” — and it’s this territorial scope that might allow some bloggers to dodge the GDPR bullet.

Territorial scope is EU-speak for the geographic limitation of the GDPR.

We’ve already touched on this in our first dangerous myth above.

The regulation protects the interests of consumers within the EU — regardless of whether the individual/business that collects their data is based in the EU or not.

So the real question is not where you are based — rather it is where your intended consumers are based.

A US-based blog can be caught within the scope of the GDPR if it in any way targets consumers in the EU.

But to be clear, if you can legitimately argue that your blog falls outside the territorial scope of the GDPR, the regulation will not apply to you — and none of the requirements, responsibilities or fines apply.

Some folks will, understandably, see this as a GDPR get out of jail free card.

Just be wary…

The GDPR makes a clear distinction between Data Controllers (remember, that’s probably you) who are based in the EU and those based outside the EU. It boils down to this:

  • Data Controllers in the EU are within the territorial scope, and the GDPR applies.
  • Data Controllers outside the EU are subject to the GDPR rules if they “offer goods and services” to individuals within the EU.

This distinction will be crucial for many bloggers.

It introduces the concept of your intended target audience.

If your blog is genuinely targeted at a non-EU audience and you don’t, in reality, process the data of EU consumers, then you have a potential exemption from the entirety of the GDPR.

But it’s important to understand that this is a gray area.

The actual wording of the regulation refers to whether “the Controller envisages offering goods and services to data subjects in the Union.”

If you blog about childcare in San Francisco, then I’d argue that you’re on pretty solid ground. It doesn’t have any obvious relevance to EU consumers, and it would seem fair to argue that you don’t “envisage offering a service” to them.

On the other hand, blog on a subject that’s not limited by location (such as the cool new features on the iPhone X), and that argument might not fly. Your content is just as relevant to EU consumers as it is to anyone else, and you probably have no real intention of limiting your readership.

So it’s going to depend very much on the nature of your blog.

Factors to bear in mind:
  • While there is no definition of what constitutes a “service,” it is highly likely that blogging will count as one (the UK data regulator has strongly implied to us that blogging is clearly an information “service”).
  • It is irrelevant whether or not your consumers pay you for your service;
  • Just because you have a blog that can be accessed from the EU does not necessarily mean that you intend to offer your services in the Union.
  • Some specific factors will strongly imply that you do intend to offer your services in the EU — such as offering payments in a European currency, having localized domain names (such as .eu or, or offering local phone number options.

Importantly, if in reality you DO process the personal data of EU consumers (let’s say by having people with email addresses on your email list), then it’s hard to argue that you don’t envisage offering a service to them.

Because you’re already actually doing it.

The $64,000 Question: Is Your Blog in Scope?

Coming to a conclusion about whether your blog falls within the scope of the GDPR is something that only you can do.

It will depend on the exact nature of your blog, the data you capture, and your target audience.

And there are areas that are not perfectly clear-cut when you apply them to blogging.

Just keep in mind that it’s human nature to try to shoehorn your own blog into one of the limited exemptions to the rules.

If you offer a service to consumers in the EU and, by so doing, process information that qualifies as “personal data,” then, at face value, the GDPR will apply.

If you’re in any doubt, the wise approach is to have a plan to tackle it.

Three Totally Legitimate Approaches to Tackling GDPR (Including One That’s Super Easy)

Let’s assume that the GDPR applies to you and your blog.

What now?

Strikes me that people are going to take one of three approaches that extend beyond simply pretending it’s not happening.

Approach #1: Do Nothing (aka “Wait and See”)

Let me be clear here: “Do nothing” is not the same as “ignore it.”

Ignoring it would be bad. It needs to be on your radar.

But depending on your approach to risk, you might well choose the “wait and see” method.

Day 1 GDPR compliance would be awesome — but pragmatically, it can take time, effort and potentially expense.

And realistically, you are unlikely to come to the attention of the data regulators unless you actually experience a data breach or someone chooses to make a complaint against you.

So why not just wait for the dust to settle and see what everyone else does?

  • You buy yourself some time.
  • Provided you keep your ear to the ground, you’ll get to see how the regulators approach enforcing the rules in practice.
  • The specifics of how to be compliant can only get clearer over time — so you can possibly avoid going down a variety of rabbit holes in the meantime.


  • This is undeniably a higher risk option.
  • You will technically be non-compliant on Day 1 (albeit along with much of the rest of the world).
  • Technically, you could be fined in the event of a data breach, such as your WordPress site being hacked.
  • Depending on your brand visibility, your reputation is at risk if you’re simply unprepared for things like individuals’ requests for access to data — and that might bring you to the attention of the regulators.
  • Regulators are likely to have little sympathy for people who have made no apparent effort to comply.

It’s hard for me to wholeheartedly advocate the “wait and see” approach — because it feels reactive, and maybe I’m a bit risk-averse.

But there is arguably a place for it if you understand and accept the risks.

That said, some of the risks can be mitigated, which leads me to the second approach.

Approach #2: Show Willingness by Implementing Some Quick Wins

While full GDPR compliance is going to be complex for some, there’s likely to be some low-hanging fruit to be had.

Not only will it start you off on a path toward full compliance, you’re also demonstrating a commitment to data privacy — and you might be surprised how much you’re already doing.

If you do nothing more than revisit your consent processes and publish a privacy policy on your blog, you will still be making a significant step towards compliance.

(Check out my Seven Easy Steps Toward GDPR Compliance below, which suggest what some of these approaches might look like.)

  • Significantly lower risk than doing nothing.
  • Relatively low effort, time and cost.
  • Simply reviewing your privacy risks will put you in greater control.
  • It promotes a data privacy mindset that will inform your future decisions.
  • Practically, you are even less likely to attract the attention of regulators.


  • Quick wins alone are unlikely to make your blog fully compliant.
  • You will need to commit some time and effort to evaluate your risks and liabilities.

My guess is that “showing willingness” will be where many bloggers and small businesses will be when the GDPR comes into force.

Approach #3: Go the Full Nine Yards and Aim for Complete GDPR Compliance

In an ideal world, full GDPR compliance from Day 1 is clearly the place to be.

It minimizes risk and — to those who know what to look for — demonstrates your credibility and professionalism.

For simple blogs and small online businesses, full compliance might be perfectly achievable, because simplicity is your friend.

  • All privacy risks will be closely managed.
  • You won’t be caught off-guard in the event of a personal data inquiry or, worse, a complaint.
  • All other things being equal, you get to sleep at night.


  • Will require time and effort to understand the full requirements of the GDPR.
  • May involve cost to bring processes and technology into line.

Seven Easy Steps Toward GDPR Compliance

The actual GDPR regulation itself is a horribly impenetrable document.

It runs to over 250 pages, with 99 main provisions (“Articles”) and 173 supplementary “recitals.”

And they wonder why people don’t read it.

Unless you’re a lawyer, you’ll likely come away from it feeling just a little overwhelmed.

But if you can master the concepts and the six core principles, you’ll see that there are a number of discrete, tangible things that you can do toward compliance.

And some of them are pretty pain-free.

#1. Make a Personal Data Inventory

Spend 30 minutes just brainstorming and documenting the types of personal data that you collect.

Then you’ll begin to understand where your actual liabilities are.

Make sure you consider:
  • The information you actually ask people for, in particular names and emails via contact forms and blog subscriptions.
  • The information that might be collected by your systems — if you use Google Analytics or Facebook remarketing, you will have some thinking to do about the fact that these applications use cookies. If you use WordPress or another CMS, it’s worth investigating whether you’re setting cookies that you don’t know about.

Only when you’ve identified how you collect data can you start to address whether you need to take further action.

#2. Publish a GDPR-Compliant Privacy Policy

Publishing a privacy policy is the most tangible thing you can do to demonstrate your commitment to data privacy.

It’s your opportunity to:
  • Outline what types of data you collect and specifically how you intend to use it — including who that data might be shared with.
  • Detail what types of cookies are used on your blog.
  • Describe what steps you take to ensure that the data is secure.
  • Highlight exactly what individuals are consenting to, how they provide consent and, importantly, how they may withdraw their consent in the future.
  • Explain the rights that individuals have over their data (the GDPR gives individuals a range of new rights, including the rights to access and the data and the “right to be forgotten”).

If you already have a privacy policy, you may already have much of this covered. But it’s unlikely that your policy will be GDPR-compliant without some form of amendment. If nothing else, you will need to add the range of data access rights that consumers have.

And just publishing your privacy policy is not enough.

You need to stick to it.

And make sure that anyone else working on your behalf sticks to it, too.

Your GDPR protection is only as strong as its weakest link.

Feel free to check out my own privacy policy as a guide to what should be included. You’ll find other great examples on the web, but I’m confident mine is firmly on the right track.

That disclaimer again: I’m not a lawyer, and this is not legal advice. And please don’t just copy my policy — it’s not polite, and your policy needs to reflect what you do, not what I do!)

#3. Be Crystal-Clear about Consent

A lot of people who talk about GDPR seem to think that consent is the silver bullet for all GDPR problems.

It’s not.

Consent is just one of six lawful grounds for collecting personal data under the GDPR, and it won’t always be the most appropriate one to rely on.

That said, it IS important.

Where consumers are volunteering personal information (such as online contact forms and blog sign-ups) you must ask for their specific consent if there is no other legal ground for processing that data.

This will usually mean having one or more checkable “consent” boxes on all sign-up forms.

Important things to consider:
  • People must be able to tell what they’re consenting to — vague and generalized statements about what you intend to do with the data will not cut it. (The days of “we collect data to improve your experience” are gone!).
  • Your privacy policy is the place for this information, and your readers must have the opportunity to read the policy before they are asked for consent.
  • Consent must be given as an “affirmative action” — so it is not acceptable to use a pre-checked consent box. Any consent checkbox must be unchecked by default (Some email providers like MailChimp make this easy with built-in GDPR features).
  • You must only use the information gained via consent for the reasons you gave when consent was given.
  • You should always take advantage of the “double opt-in” options that are found within campaign management tools like MailChimp. Double opt-in requires the individual to confirm their initial request before their data is added to your mailing list. It will also usually give you a means of demonstrating when consent was given.

#4. Stop Collecting Data You Don’t Need

Data minimization is the way to go.

Do you really need someone’s cell phone number to send them blog updates?

Probably not.

The more data you collect, the more data you’re responsible for.

If you can’t justify why you’re asking for a particular piece of data, don’t ask for it.

And if you already hold data that you don’t need (or can’t justify), now is the time to dispose of it. (Securely, of course!)

#5. Make Sure Your Blog Is Super-Secure

One of the core objectives of the GDPR is to keep personal data secure.

You can directly influence this by making sure that you are taking basic, common-sense security precautions such as:
  • Never sharing your blog’s login credentials with anyone else.
  • Always using strong passwords.
  • Removing the default “admin” user account on WordPress blogs.
  • Using a reputable security plugin to prevent unauthorised access.
  • Physically protecting data stored on removable storage such as USB sticks and external hard drives.

All of these things form the basis of the “how we protect your data” section of a privacy policy.

#6. Use a Reputable Web Host

You are most likely using some form of third-party web hosting for your blog — either shared hosting or maybe VPS.

By providing the servers that your blog runs on, that 3rd party hosting company becomes a “Data Processor” in GDPR terms — because they are processing data on your behalf.

You are effectively subcontracting the technical hosting activities to them.

As a result, they have access to any personal data that is stored on your blog — and they are therefore quite capable of being the weak link in the chain.

A reputable web host will be only too happy to talk to you about the security processes that they have in place, their security accreditations, and so on.

The best ones already have GDPR-compliant conditions within their standard terms of service, or will offer you a personalized data processing agreement on request.

This is important, because the GDPR expects you to have a written agreement with anybody who acts as a Data Processor on your behalf — especially if it involves processing that takes place outside the EU.

So choose your web host wisely.

And be prepared to find a different provider if you don’t get the answers you need.

#7. Check Your Google Analytics Configuration

Okay, this is a bit specific, but it might be the difference between compliance and non-compliance for some simple blogs.

Google Analytics uses cookies to track when people visit your blog. They enable GA to distinguish one visitor from another.

But, when set up correctly, GA cookies are likely to be seen as “non-privacy intrusive,” which means that you do not need to get prior specific consent to use them (which, believe me, would be a technical minefield).

For this exclusion to apply, though, you need to be careful:

  • It’s important that you haven’t implemented the (optional) User ID functionality within GA. User ID allows you to identify a particular individual even if they view your blog from different devices. You should know if you’re using this functionality, because it’s not enabled by default, and you would have had to implement it manually.
  • You should take advantage of the “anonymizeIP” function that GA provides, which has the effect of obscuring part of visitors’ IP addresses when the data is stored at Google. Note that this is switched OFF by default, but can be activated by adding a simple parameter to your GA tracking code (the exact code depends on which version of the Google Analytics code you’re using — analytics.js or gtag.js). If you’re using a plugin for analytics, you might find this option in the plugin settings.
  • You should make sure that you never (intentionally or inadvertently) include personal data within page URLs that are sent to GA. Not only is this bad for GDPR, it’s also a breach of Google’s Terms of Service.

For a handy visual reminder of the seven steps, check out the image below (click to see a larger view):

Seven Easy Steps Toward GDPR Compliance

Embed This Infographic On Your Site


Stop Hiding Under the Pillow and Get Ahead of GDPR

Like it or not, the GDPR could affect you.

Even if you’re not in the EU.

While regulators are extremely unlikely to start handing out huge fines on Day 1, smart bloggers will see this as an opportunity get their data processes properly nailed down.

Get on the front foot and you’ll have a better, deeper understanding of the value of the data that you hold, and the responsibility (and accountability) that you have for that information.

And frankly, even if the GDPR doesn’t apply to you, it’s a strong indication of where data privacy is going — so why not embrace the principles anyway?

It may seem a million miles away from why you pour your heart and soul into blogging. You blog to inform, to inspire, to share your passion.

But you’re also responsible to your loyal followers for the information they entrust to you.

So don’t lose sleep over it. Get ahead of it.

Because when you do, your blog will be stronger than ever.

Paul Long is a small business web designer, WordPress enthusiast and self-confessed data freak based in the UK. He currently spends his days helping folk to tread the fine line between GDPR denial and meltdown. For further actionable guidance, check out his free GDPR Action Plan for small businesses.

The post What the Heck is GDPR? (and How to Make Sure Your Blog Is Compliant) appeared first on Smart Blogger.


334 How to Network to Grow your Blog – with Robert Farrington

Do you want to know how to network in a way that grows your blog?

Wish there were simple tactics you can use to get you in front of an audience?

In this episode, you'll discover how Robert networked his way to 3 million monthly page views.

Listen to the episode

Who is Robert Farrington

Robert Farrington

Robert Farrington, owner of The College Investor

Robert is a Millennial Money Expert and the Founder of The College Investor.

He's on a mission to help millennials get out of student loan debt and start building wealth.

He also helps parents make smart choices about college financing options and navigating the complex world of paying for school.

They also recently wrapped up a student loan debt movement. Their readers were able to pay off or get rid of $1.4 Million in student loan debt in one month.

Robert's Story

From a young age, Robert loved finances. Get this – at the age of 13, he wanted to do his own taxes.

Now I don't know about you, but I'm 37, and I still hate doing taxes.

But because he was so passionate about topics related to money from a young age, he wanted to blog about it.

So he started The College Investor in September of 2009. The idea was to share random thoughts about investing.

The College Investor, Robert's Blog

The College Investor, Robert's Blog

After blogging about investing for a while, his blog still wasn't taking off.

But then something interesting happened. He ran into a difficult situation related to his student loan debt.

learn how to blog

Robert shifted his content to focus more on what his readers wanted.

Since he was also a blogger, he decided to share his story in a blog post.

The response was unlike anything he'd ever experienced. He started getting engagement and comments on that post.

A lot of people started asking him about that topic.

Since it resonated with people so much, he started a gradual shift to focus on student loan debt.

He kept using audience feedback to refine the focus on his blog.

When he started, his content was 90% focused on what he wanted and 10% of what his readers wanted.

Today, those numbers are opposite – more reader-focused.

How he grew The College Investor

Robert started focusing on learning how to blog and grow an audience.

He followed other personal finance bloggers to see what they were doing. He learned about setting up social profiles and commenting on other blogs.

But what REALLY helped him to grow was networking in three ways:

  • Networking with other bloggers online.
  • Networking with other bloggers at live in-person events.
  • Connecting with the media.

The result was a lot of growth and a wealth of opportunities.

How to network with bloggers online

One of the things Robert did was to connect with other bloggers in the personal finance space.

Robert learned from his network of bloggers

Robert learned from his network of bloggers

In the beginning, he did this via the Yakezi Network. Today, he connects with bloggers online via FinCon and Rockstar Finance.

But he didn't haphazardly do this. There was a method to his madness.

Here's what he recommends:

Create a lot of content

Robert recommends creating three pieces of content weekly for a year.

By doing this, you will:

  • Be ahead of MOST bloggers with content creation
  • Prove to yourself that you can do it.
  • Provide your readers with fresh content consistently.

Engage with, leave a comment and share 3 other bloggers' content daily

Robert started doing this with other bloggers in his space. These were the bloggers he met as a part of the networks he joined.

share comment engage

Engage with, comment on, and share 3 other bloggers' contents.

He also followed bloggers on Twitter to connect with them there.

His recommendation: Use Google to find blogs in your industry. Also, don't limit yourself to blogs. Look for YouTube channels, Instagram accounts, and even Medium blogs.

The goal is to connect with content creators in your niche.

One major lesson he learned that it isn't always about connecting with big names.

Don't ignore the smaller people in your space. Those same bloggers might be the next big bloggers.

By connecting with them early, you get to grow with them.

How to Network with Bloggers at Events

Networking in person was also a big driver of growth for Robert. He recommends seeking out conferences in your industry.

After hearing about FinCon multiple times, Robert decided to make the investment.

bloggers events

Network with bloggers at events

Here's what Robert recommends when trying to leverage conferences:

  • Go out and say hi to everyone (as much as possible).
  • Start the conversation before getting there. Connect with other attendees and speakers on social media before the event. Or shoot them an email.
  • Always try to go to lunch and dinner with people at the event. This will allow you to connect at a more intimate level.
  • Keep conversations going if they are going. Don't be too concerned with leaving an excellent conversation to attend a session.
  • Follow up after the conference. This is something most people neglect, but it can pay off in huge ways. Reach out to the people you met and ask if you can help them with anything. Ask if they have anything they'd like you to share with your audience.
    • Pro tip: Take advantage of the airplane ride to write notes on the people you plan on following up with. Make a plan for how you plan to follow up.

How to network with the media

Networking with the media has been the biggest growth factor for Robert's blog.

media network

Network with the media

You get the exposure plus the potential for relationships that carry on into the future.

Also, sharing your media hits with your audience helps to build your credibility.

Robert recommends using Help a Reporter Out (HARO). This is a service that connects journalists with specific sources. It's a great way to land potential media opportunities.

Here are his tips for leveraging HARO well:

  • Sign up to get their daily emails from journalists looking for specific sources.
  • Get on their general list that sends out all source requests. You can also choose to sign up for specific categories.
  • When you see a relevant source request, send your pitch QUICKLY. Journalists are often on a tight deadline and will usually go with the first good source.
  • Pro tip: Answer the question and give everything they can want in that email. Journalists are busy. Make their jobs easy by giving them the ability to copy and paste.

The benefits of networking

Benefits of Networking

Networking have a lot of benefits

Robert has experienced all kinds of benefits as a result of networking. Here are a few examples:

  • His blog has grown a lot. When he started, he was getting about 100 page views daily. In February of this year, his blog had 3 million page views.
  • He has been featured in every major publication, and on the news (both TV and Radio).
  • He has landed a number of speaking engagements and paid gigs.
  • He has established some strong brand connection.
  • He has formed mastermind groups.

All in all, it has been hugely beneficial for Robert, and it can be for you as well.

So what are you waiting for? Go forth and network.

Resources Mentioned:


How to Network to Grow your Blog - with Robert Farrington

Infographic: How to Network to Grow your Blog

The post 334 How to Network to Grow your Blog – with Robert Farrington appeared first on Become A Blogger by Leslie Samuel.


Wednesday, May 2, 2018

333 How to Become a Full-time Blogger

So you want to become a full-time blogger.

Then you stumbled onto the right post.

I'm going to share five things you need to invest in to make that dream a reality.

Listen to the episode

How to make money as a full-time blogger

I'm gonna go ahead and disappoint you quickly. This post isn't about how to make money.

It's actually the last in my series of posts on how to make money as a blogger.

The past posts were:

In both posts, I outline what it actually takes to make money. The truth is – if you want to make more money, do more of what I teach in those posts.

To make those things happen better, you need to build a serious business.

To build a serious business, you need to invest in the growth of your business. And I'm talking about investing two valuable assets – time and money.

So now that we have that out of the way, let's move on to your investments.

Invest in yourself

You are the owner of your business. You are the leader.

Invest in yourself

Take courses, read books, get more training.

In John Maxwell's book The 21 Irrefutable Laws of Leadership, he argues that:

“Leadership ability determines a person’s level of effectiveness” – John C. Maxwell

Your ability will always be a limitation. The more you increase your leadership ability, the more your business will grow.

This is why it's so important to invest in yourself. Take courses on blogging, business, marketing, and even leadership.

Read books. Listen to podcasts. Attend conferences. Continue to feed your mind. Do whatever it takes to raise that lid.

Here are some great resources for your continuing education:

  • Audible: Audiobooks have transformed my life and are a great way to learn on the go.
  • Creative Live: Top quality classes to help you grow in your profession.
  • Lynda: I use Lynda to learn how to use different types of software for things like video editing. But they have all kinds of other courses as well.

Invest in your team

Smart business-owners are great leaders. Great leaders build great teams.

If you want things done right, you have to do it yourself. That's what they say. And they would be WRONG!


Invest in your team, create systems and processes, and watch your business grow.

But it's so easy for talented people to think that way. Yes, you can do a lot. But your business can do so much more with a team.

You may need writers, designers, tech people, a bookkeeper, CPA and other skilled people.

It's not an expense. It's an investment.

Start small and build from there. To facilitate the growth of your team, create systems and processes.

Refine those systems and processes over time.

An excellent example of someone who has done that is Kate Ahl. She's one of my past clients and the owner of Simple Pin Media – A Pinterest management company.

What started as her pinning for a handful of clients has grown into a full team of expert pinners.

They now manage the Pinterest accounts for many successful bloggers.

Invest in your team, create systems and processes, and watch your business grow.

Invest in your product

In the context of this post, when I say product, I'm not referring just to products you sell.


What you create will be the driving force behind everything you do.

I'm referring to whatever you produce.

Invest in the content you create. Whether it's on your blog, on social media or elsewhere.

What you create will be the driving force behind everything you do.

Continue to refine your content. If you go back and look at some of my earlier posts, you will notice that my content has come a long way.

They used to be large blocks of text. Today, it includes nice images, infographics, slide decks and multiple forms of media. We have refined the product to make it better for you.

Beyond the content you create, there are the products you sell. Invest in making them better and providing more value to your customers.

Take their feedback and use it to refine what you do.

And then there's the equipment you use. A lot of people think I waste money in buying a bunch of equipment.

But as a result of my investment in equipment, I'm able to provide way more value to my coaching club members.

Now I answer every question with a professional video that takes little to no time.

My expensive video production equipment has made my content MUCH better.

It was not an expense, it was an investment.

Invest in your marketing


Don't just learn how to market. Do it.

For your business to be successful, you will need to sell stuff. To sell stuff, you will have to market.

To market, you will not only have to learn about marketing, you will actually have to do it.

And that will take an investment of time and money.

What is your marketing strategy? Are you running webinars? Are you creating email funnels?

Do you have a social media strategy and are you implementing it in your business?

Are you running ads or using re-marketing to target qualified leads?

Remember, you're running a business. It's time to act like it (if you're trying to do this full-time and grow your business).

Invest in your community

You're running a blogging business. And you know what?

Your blogging business is not about you!


Your blog and business is not about you but your community.

It's about the people you serve – your community. THEY are the star of the show.

And while you are the blogger and business owner, it's not about YOU.

Even if you're building a personal brand business, it's STILL about the people you serve.

It's about your blog readers.

It's about your email subscribers.

It's about your customers.

And it's even about your network.

Spend time and money on these people. Connect with them. Help them accomplish their goals.

Help them overcome their struggles.

Provide them with value. Do that consistently and magic will happen.

Go forth and conquer

Take action. Go full-time.

Take action. Go full-time.

So there you have it. That probably wasn't what you expected. But it's reality.

Now it's time to do the hard work. It's time to take action.

Because if you want to do this full-time, it's going to take full-time effort.

And if you'd like my support as you move ahead, check out the following resources:

Resources Mentioned


Full-time Blogger

Infographic: How to Become a Full-time Blogger

The post 333 How to Become a Full-time Blogger appeared first on Become A Blogger by Leslie Samuel.