GDPR is the General Data Protection Regulation, and it goes into effect tomorrow in the EU. It regulates how businesses collect, use & process personal data.

what the heck is gdpr

You may think “I’m not in the EU, so why should I care!?”

Because if you have anyone visiting your site in the EU (even an American there on vacation), and you’re collecting data such as name & email address for a newsletter or contact form — you’re subject to this regulation. It affects things like the privacy policy, opt-in's, and how you generally add people to your newsletter/mailing list.

You’ve (hopefully) seen information all over about it - and you’ve probably received a ba-jillion emails from companies sharing updated privacy policies.

I’ve updated mine as well. Even without the new GDPR for the EU, you should have a privacy policy. (Really, a disclaimer & terms of service too, but baby steps.) 

Here’s the link to where I got mine, in case you’re looking for a template that’s easy to use & understand. (No, you can't just copy/paste someone else's — that violates copyright law.)