MainWP Blog - Donata Stroink-Skillrud
Donata Stroink-Skillrud is an attorney licensed in Illinois and a Certified Information Privacy Professional. She is also the legal engineer behind Termageddon, a SaaS that has generated thousands of Privacy Policies and successfully kept them up to date with changing legislation. Donata is also the Chair of the American Bar Association's ePrivacy Committee and Vice-Chair of the Chicago Bar Association's Cybersecurity and Privacy Committee. Donata is also the past Chair of the Chicago Chapter of the International Association of Privacy Professionals along with being Privacy Liaison for MainWP.
Your Website is Collecting More Personal Data Than You Think
As a privacy professional, if I had a dollar for every time someone said “my website does not collect any personal data” or “my website collects very little personal data”, I would be rich. Many business owners incorrectly assume that their websites do not collect any personal data at all and thus think that privacy laws or privacy requirements do not apply to them. The truth is that the vast majority of modern websites do collect personal data. While collecting Continue reading the post...
How to Review Your Small Business Website for Privacy Mistakes
Published on April 1, 2026 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
Privacy requirements can be overwhelming, especially for small businesses. Sometimes, it’s hard to know where to even start evaluating whether your small business website is compliant with the requirements that privacy laws can impose. However, evaluating your website for privacy pitfalls is important as privacy laws can and do apply to small businesses and non-compliance fines can be high (starting at $2,500 per website visitor). In this article, we will discuss how to check your website for the most common Continue reading the post...
Do Privacy Laws Apply to Small Businesses?
Published on March 18, 2026 by Donata Stroink-Skillrud under Privacy, WordPress Business, WordPress Security
If I had a dollar for every time I heard someone say “my business is too small for privacy laws to apply to me”, I’d be rich. In fact, many small businesses assume that privacy laws do not apply to them because their business is too small, they collect too little personal information, they don’t have many (or any) employees, they make too little revenue, or because people input their personal information into website forms voluntarily. However, all of these Continue reading the post...
Is your Privacy Policy truthful?
The fact is that most companies know by now that they need to have a Privacy Policy. Most modern websites collect personal information such as names, emails, phone numbers and IP addresses through features such as contact forms, email newsletter subscription forms, account creation forms, eCommerce, analytics or advertising, thereby subjecting the business to privacy laws, which require them to have a Privacy Policy. When it comes to Privacy Policies, there are a few basic standards that need to be Continue reading the post...
California’s New Cybersecurity Audit Requirements: What You Need to Know
Published on December 16, 2025 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
As many of you know, California leads the nation when it comes to data protection, whether it be the California Online Privacy and Protection Act (CalOPPA), the California Invasion of Privacy Act (CIPA), or the California Privacy Rights Act (CPRA), the State has always been at the forefront of providing privacy protections to consumers. The California Privacy Protection Agency (CPPA) recently enhanced protections for individuals and requirements for businesses by releasing Regulations requiring certain companies to undertake cybersecurity audits. In Continue reading the post...
Vendor Due Diligence: An Important Aspect of Privacy Law Compliance
Published on November 24, 2025 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
You have your privacy obligations down pat – you know which privacy laws apply to you, your Privacy Policy is up to date with the latest laws, you don’t track website visitors without consent, and you have a process for replying to privacy rights requests. But have you ensured that your vendors are in compliance too? When you share your customer data with a vendor, you are also responsible for making sure that the vendor processes that data in accordance Continue reading the post...
What you need to know about Tractor Supply’s $1.35 million privacy settlement
On September 30, 2025, the California Privacy Protection Agency (CPPA) announced a $1.35 million settlement with the Tractor Supply Company for allegedly violating the privacy rights of residents of California. The CPPA claimed that Tractor Supply violated California privacy requirements by failing to provide an effective mechanism to opt out of the selling or sharing of personal information, failing to have the required disclosures in its Privacy Policy, and failing to have the appropriate contractual protections when disclosing personal information Continue reading the post...
What You Need to Know About the EU Data Act
On September 14, 2025, the major provisions of the EU Data Act went into effect, affecting companies producing connected products, offering related services, and third parties that may receive data from a connected device (even if the company is not located in the EU). The Act provides new rights to access data, implements new product design requirements, makes it easier for consumers to switch between providers, imposes new contract requirements, and more. In this article, we will discuss the major Continue reading the post...
What You Need to Know About the Texas Responsible Artificial Intelligence Governance Act
On June 22, 2025, the Governor of Texas signed the Texas Responsible Artificial Governance Act (TRAIGA) into law, prohibiting the development of AI systems for certain purposes, protecting consumers, and developing a sandbox program. This new law goes into effect on January 1, 2026 and includes numerous notable provisions for developers of AI systems, which are discussed below. Who does the Act apply to? The TRAIGA applies to any person who: Promotes, advertisers, or conducts business in Texas; Produces a Continue reading the post...
How to Protect Your Privacy When Using AI Tools
Like it or not, most of us are exposed to or interact with AI tools almost daily. We may interact with an AI chatbot on a website, ask ChatGPT whether cats can eat pancakes, use Fathom to help us take notes during meetings, use Gemini to help us respond to emails, or even have AI analyze our X-rays. While AI can certainly be a very helpful tool, it is not without its risks. As AI becomes more and more integrated Continue reading the post...
Share
Manage Unlimited WordPress Sites from One Dashboard!
- Privacy-first, Open Source, Self-hosted
- Easy Client Management
- 15+ & 30 + Premium Add-ons
- Bulk Plugins & Themes Management