Preparing Your Heroic Site for the GDPR

What is the GDPR?

The General Data Protection Regulation (GDPR), which comes into force on May 25th, 2018, aims to protect the fundamental right to privacy and the protection of personal data of European Union (EU) citizens.

This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not you or your business is located in the EU, if you have EU site visitors, or if your marketing campaigns target EU citizens, this affects you.

What does the GDPR mean for you?

Transparency and communication with your site visitors are key elements of the GDPR. As part of the new regulation, you must let your site visitors know how you collect, store, and use their data, in a clear and transparent way. In addition, you must comply with your site visitors' requests to receive a copy of their data that is processed on your site.

How to help your Heroic site meet GDPR requirements

Take a look at our recommendations below so you know how to start preparing your Heroic site for the GDPR.

  • First, create a privacy policy

    A privacy policy is a statement that discloses the ways in which your website gathers, uses, discloses, and manages your site visitors' data. Heroic cannot provide you with legal advice on how to write a privacy policy, however, we do recommend that you maintain a clear and comprehensive privacy policy for your website, in accordance with the GDPR and local privacy regulations.

    As a site owner, it is your responsibility to inform your visitors how your Heroic site processes their data. It's important to include information on how your site uses cookies and other tracking technologies. Click here to learn more about which cookies are placed on your site visitors' browsers.

    You should include a checkbox on any form that accepts a visitor's personal data, such as an email address that requires your visitor to acknowledge that they have read and agreed to your privacy policy.

    For information on how Heroic handles your site visitors' data please review Heroic's Privacy Policy.
  • Next, establish a legal basis for processing your site visitors' data

    In accordance with the GDPR, you are permitted to process your site visitors' data (e.g. collect, use, store), so long as the process meets the requirements of the GDPR. There are many ways in which you can lawfully process your site visitors' data - requesting their consent is just one of these ways.

    Click here for more detailed information on the regulation.

    If you want to receive 'explicit consent' from your site visitors before processing their data you may do so using Heroic forms or by adding an external feature via the HTML element. Please note that if you choose to receive explicit consent, you must ensure that it meets the standards required by the GDPR.
  • Get consent for your marketing campaigns

    Sending marketing campaigns requires consent from your site visitors. If you're using any kind of 3rd party email service provider, this applies to you.

    Consent to receiving marketing campaigns can be interpreted and applied in different ways on your site. For example, you can add a disclaimer next to your 'Subscribe' button informing your site visitors that clicking the button will subscribe them to your marketing campaigns. This is called 'implied consent'.

    Our interpretation of the GDPR suggests adding a checkbox onto your form for each type of communication you're intending to send your subscriber. Eg: newsletter communications, commercial communications, product-specific communication.

    You can do this by manually adding checkboxes to your forms using the Heroic form builder, or with our new GDPR Form Compliance Tool.
  • Heroic's new GDPR-form compliance tool

    We are currently implementing an automated tool that will allow you to make your forms GDPR-compliant in 1 click. When that tool becomes available for YOUR email service provider (ie: Mailchimp, aWeber, etc.) depends on when they update their API with specific GDPR functionality. Most services haven't updated their API, and as they do, we'll add them to our GDPR-form compliance tool.


This document should not be taken as legal advice.

To ensure regulation compliance we recommend reviewing the details of the regulation, as well as seeking your own legal advice.

As stated in our Terms of Use, it is your responsibility to ensure that Heroic services are permitted and abide by your local laws. Any information contained herein is not legal advice and you should not rely upon it as such. The GDPR is a complex regulation and requires multiple actions from site owners. We recommend that you seek legal advice to understand and to prepare for possible additional requirements stated in such regulation.

Make sure your third-party apps are GDPR compliant too

As part of the GDPR, you are responsible for any third-party apps or services implemented on your site. These services can include data analytics tools (e.g. Google Analytics, the Facebook pixel, etc.). While reviewing your Heroic site for GDPR compliance, make sure that these apps and services are also GDPR compliant. If you're not sure, contact them directly with your questions or concerns.

NEW: Can we do the work for you?

If you're like most entrepreneurs, you have a million projects in your head, with no way to get them all done. As a result, you feel stalled and frustrated.

You've tried doing it all yourself, but you know it's unsustainable, and a one way ticket to burnout and overwhelm.

You don't yet have the resources to hire your own team of designers and developers, so you feel stuck, going around in circles.

If you resonate, then relax, because we're here to help.

Our in-house tech, design & web team is ready to help, and available for almost anything. (Seriously!)

We'll take all of the tasks you've been collecting, and make them happen for you quickly and efficiently in the background, leaving you free to focus on what you do best.

And you won't pay through the nose either -- it's available for an incredibly low 5-hour "done for you" package -- it's just $200 for access to our in-house, highly-trained team of tech and design professionals. Best of all, the time never expires and you can use it as quickly or as slowly as you like.

Grab your 5-hour 'done for you' package here and let's get your business moving again!

Creating Pages

Pages are the heart of your site, and what you can build in Heroic is simple unmatched. Here's all the support you need to get started.

View this category

My Account

Got questions about how to manage your account? We're compiling them all here. If we missed anything, let us know and we'll add it.

View this category


Our goal is to integrate with every 3rd party platform out there. Here's what we have currently!

View this category


Heroic comes with a full featured, yet simple-to-use blogging platform that allows virtually anyone to get bloggin'...

View this category


Normally popups are hard to create, add to your site, and integrate with 3rd party platforms. Not here :)

View this category

Fonts & Colors

Heroic's global font & color system keeps everything looking great, and makes editing FAST!

View this category


Here's how to connect your site with your custom domain

View this category

Conversion U

Some our best articles on copywriting, design, branding and more!

View this category

Random Stuff

A home for articles that don't seem to fit anywhere else. Give 'em some love?

View this category

Trainings & Courses

Our expertly curated collection of education and training...

View this category

Recommended Tools

Here are the 3rd party tools that'll make life easier as an online entrepreneur!

View this category