GDPR - Is Your Website Compliant?

The General Data Protection Regulation (GDPR) is a new regulation designed to protect the data of EU citizens and EU residents both residing in the EU and around the world. Simply put, it is legislation that tells businesses that if they offer their products or services to EU citizens they must look after their data or face some pretty severe consequences. How does being fined 4% of your total global revenue sound? Not good. The new regulations come into force on 25th May 2018.

Will this affect my business?

The GDPR is likely to affect the majority of businesses trading today, regardless of size or industry. If you collect or process any personal data, you will be required to comply in accordance with the new legislation. This includes companies that use internal databases, apps, CRMS or even good old email to store the personal data.

If you are looking for a little light (and yes, there is some sarcasm there) bedtime reading, the GDPR website makes for some interesting reading. In this article, we’ll take a look at some of the things you can do to your website to ensure you are compliant.

The digital age of consent

Consent is a huge part of the GDPR. If somebody makes an enquiry through your website of any kind, that means you can no longer automatically add them to your mailing list. It also means you can’t pre-populate any checkboxes when they send you a query that they have to untick if they don’t want to be added to your mailing list. Consent can also be withdrawn by data subjects at any time.

And to make matters more complicated, consent doesn’t just apply after the GDPR comes into effect. You will need to prove that the people on your existing contacts or mailing lists have given their consent for their data to be gathered. For example, can you prove that everybody you send your newsletter out to has requested this information?

An easy way to prove this and keep consent on record is to send an email out to all contacts asking them to opt-in or opt-out of your mailing list. Sure, you may lose some subscribers along the way, but the main thing is that you are acting in compliance with GDPR and protecting your reputation and bottom line.

Making Your Website Compliant

If all this talk of fines and compliance is getting you a little hot under the collar, the good news is that with a little organisation and understanding of the rules, you can get your website compliant in no time.

Start with a personal data audit across the data that you currently hold on your users and customers. What are you using the data for, do you still need the data and where is it being stored? This will help you to define which data you still need to keep and which can be archived or deleted.

Start to work your way through the following steps. These are some of basic considerations that will apply to most websites:

• Forms - All forms that invite users to indicate contact preferences or subscribe to a mailing list must be set to blank. This consent must also be presented separately to any tickbox asking users to accept terms and conditions. You must also specify clearly how users can unsubscribe from newsletters. An unsubscribe option must be given on every newsletter and item of communication you send.
• Terms and Conditions - You must update your terms and conditions to make a mention of GDPR and in particular, how you plan to use and store personal data that falls under the regulations.
• SSL certificates - Ensure you have SSL encryption in place. This will ensure all data sent between your website and your users is encrypted.
• Create a privacy policy page - While your terms and conditions may specify how you plan to use data, a privacy policy page will give your users clear information without them having to trawl through other paragraphs.

Need help? Get in touch.

GDPR isn’t that scary once you get to grips with what you need to do to comply with the new guidelines. If you would like help with your website, get in touch. We can carry out a full data and website audit and make recommendations for improvements.