  • Speak to our web design team
    Call today on 01793 239239
  • Available Monday to Friday
    from 9:00am to 5:30pm
  • Website design & SEO
    in Swindon, Wiltshire

Running your website under the GDPR

What is the GDPR?

On May 25th 2018 the General Data Protection Regulation (GDPR) became law.

The GDPR requires websites to inform their users about what information they collect, store, and share, and establishes specific rules about the kind of consent required before websites can collect personal data. 

This means that websites now need to ask for consent more explicitly, and detail their use of personal data more specifically in their privacy policies.

The GDPR doesn’t only apply to businesses. Charities, clubs, and even blogs need to comply or face fines.

From 25th May 2018 GDPR is law...

What should you be doing right now?

You’ll want to designate someone to lead on GDPR compliance.

If you’re a one-person business, that’ll be you.

You need to disclose how and why you collect personal data, how long it is retained, and who it is shared with.

With Drupal, WordPress and WooCommerce, you also need to consider how plugins and services your website uses affect customer privacy.

Work out how you will respond to Right of Access and Right to Erasure requests.

There are some helpful new personal data export tools coming to WordPress and WooCommerce, and in Drupal too, but you need a plan for how you will handle requests from website visitors relating to their data.

Plan for the worst, and know what to do in case of a hack or security breach.

No one wants this to happen, but preparing for this worst case scenario is part of your privacy responsibility under the GDPR.

Get in touch today!

Some articles that may help...

You should include this information in your emails to be GDPR compliant

Prompted by the GDPR and its headline-grabbing fines, businesses have worked hard to ensure that they have a proper legal basis for their email marketing. This usually means consent from users, although in some circumstances “legitimate interests” may also be an option. In addition to establishing a proper basis for marketing under the GDPR, businesses should include certain other information in their emails.


Europe’s top court rules tracking cookies need active consent

As part of a case between consumer groups in Germany and the website Planet49, Europe’s top court has ruled that pre-checked consent boxes, or assumed consent, for analytics and tracking cookies are not legally valid in any circumstances and violate the GDPR and ePrivacy Directive.

New ICO GDPR guidance: Passwords and encryption in online services and websites

The latest guidance from the ICO (Information Commissioner’s Office) could be relevant to anyone operating a website that allows users to log in, whether it’s staff, volunteers, customers, or the general public. Although the GDPR does not say anything specific about passwords, you are required to process personal data securely by means of appropriate technical and organisational measures.

We can give you a hand getting your website GDPR ready...

We hope these resources will be helpful as you navigate operating a website in this new world of the GDPR and protected data. If you need any help implementing any of the changes required under the GDPR, just get in touch!

The GDPR became law on May 25th, 2018

In (very) short, the GDPR states that if a website collects, stores or uses any data related to an EU citizen, you must comply with the following:

  • Tell the user: who you are, why you collect the data, for how long and who receives it.
  • Get clear consent from users before collecting any data
  • Let users access their data, and take it with them
  • Let users delete their data
  • Let users know if data breaches occur

See this nice infographic from the European Commission

Not following these guidelines will eventually result in a fine of up to EUR 20 million or 4% of your annual turnover, so quite a bit of money.

GDPR compliance for WordPress websites

For information on how we can help you on your path to WordPress GDPR compliance please get in touch.

GDPR compliance for WooCommerce 

For information on how we can help you on your path to WordPress + WooCommerce GDPR compliance please get in touch.

GDPR compliance for Drupal 7 websites

For information on how we can help you on your path to Drupal 7 GDPR compliance please get in touch.

Next steps

If you’d like more information on GDPR compliance, and its impact on your website, just give us a call on 01793 239 239, drop us an email, or use our contact form if you prefer.

Questions? Ask away!

View our privacy policy, which outlines how we use the personal information provided through our website.

Your contact for website GDPR compliance is...

Call today 01793 239239 to discuss the GDPR & your website!