Is your website GDPR compliant for the new Data Privacy and security laws?
Are you concerned about your website being GDPR compliant?
Time's up: the data law is now in force
Everyone is talking about it, and some have been preparing for over a year, but the deadline has now passed. On 25th May 2018, the new General Data Protection Regulation (GDPR) laws came into effect to protect individuals' personal data. This new law affects the websites of all businesses, regardless of size, and some aspects of your company's marketing, and heavy penalties in the form of fines will be incurred for non-compliance.
To ensure you are compliant, there are some best-practice legalities that have to be enforced on your company's website and in your marketing processes. These best practices need to be implemented by everyone who has communications with individuals in the EU. The best approach is to make sure you are GDPR compliant and to deal with the changes required as soon as possible.
We have put together a specific GDPR package to help small to medium-sized businesses get their websites compliant, and ensure that any future data collected is well within these best practices.
The new GDPR law includes the following rights for all individuals within the EU regarding their personal data:
What does this all mean for your business?
If you collect any person's data from your website, from outward marketing campaigns, or just generally from a face-to-face meeting, then you need to comply.
GDPR applies to data collected via cookies on your website, email forms collecting details, or any action that requires an individual to give you their details. Not only this, you must get specific permission from the individual that they are happy to opt in, and they must also have the option to opt out. You cannot assume they are giving permission: they must tick a box or take some other form of action to say they agree to you receiving this information from them and that you will take care of it securely.
GDPR is in place to protect individuals, whereby their details could be traced back through methods such as their computer’s IP address (commonly known on your website as Cookies).
Users should be informed that you are collecting their personal data and they MUST be able to easily opt-in and opt-out of this.
And there’s more...
Control and Notifications
- Protect all individuals' personal data with security such as encryption. Any of your platform providers also need to comply, so please check that they do. For instance, Google Analytics and Facebook comply and have produced their own documents.
- Should you encounter a data security breach, you have to inform the authorities and your customers within 72 hours of it happening.
- You have to obtain consent to process the data that you collect, in respect of what you do with it once you have it.
- You must also keep detailed records of how you obtained the data. This can be in the form of a detailed spreadsheet, and sample downloads can be found on the ICO website.
Policies & Documentation
- Be completely transparent about your data collecting.
- Give an outline of how you collect the data and what you will do with it in terms of processing when you have it.
- Define your data retention and deletion policies.
Make sure you have up-to-date Privacy Policies, Terms of Service, and your Datasheet records of collected data.
Employee Training & Responsibilities
The law requires that all businesses nominate an individual within the company or other office as Data Controller. This person will be designated as in charge of the company's data security and policies, and must ensure all members of staff are trained and aware of what the GDPR law is about and can show and communicate the information to other employees, customers, suppliers etc.
We are not lawyers and recommend you seek your own independent legal advice.
Our information is only a brief outline of the full GDPR law, and we recommend you visit the ICO website for more in-depth information.
But we can help get your website GDPR compliant and put the necessary documents in place for you. Please get in touch for more information on how we can help you.