You have less than 30 days to make sure your website and marketing are compliant with the EU’s General Data Protection Regulation (GDPR), coming into effect on 25 May 2018. Are you ready? Legal advice should always be sought about complying with GDPR, but here are some of the key things you need to be aware of…
What is the GDPR?
The GDPR, or General Data Protection Regulation, has the powers to ensure all companies within the EU comply with new legislation involving the collection, storage and use of customer information and data.
To be clear, this includes ALL forms of customer data, including:
Social media posts
IP addresses (gathered from analytics software for example)
Identity numbers such as NIs and SSNs
It’s important to note that the principles outlined in the General Data Protection Regulation (GDPR) are not a million miles away from those outlined in the Data Protection Act. If you are complying with those principles, you’ll mostly be ok. However, there are a few significant changes that you must abide by.
What do I need to know for my online store or website?
As a web design firm, our customers want to know how to ensure their sites are compliant.
From a front-end perspective, there are several key aspects you will need to change in the running of your online stores:
Think about how you are asking for data.
For example, if you ask a visitor to subscribe to a newsletter then the form must default to “no” or be blank.
You mustn’t “bundle” consent either when you are using the data for different purposes. So in your forms, there should be separate checkboxes for things like accepting your terms, subscribing to the newsletter or receiving special offers.
Confusing legal language is no longer acceptable. Be clear, legible and transparent.
The visitor needs to know what they are giving their consent to, and you need to explain why you are asking for it.
The right to be forgotten
Customers should be able to delete their accounts and ‘be forgotten’ by you as a company. This should be an easy process. For small businesses, we recommend making sure you are easily contactable in case anyone wants to request this.
Third party headaches
If you share data with third parties, you need to put some work in to ensure your site is clear on this. Luckily, most basic websites containing a simple contact form won’t need to worry as they don’t share customer data.
Include a privacy notice in your footer
The Information Commissioner’s Office (ICO) has provided a sample privacy notice that you can use on your website. It is concise, transparent, and easily accessible.
Think about cookies
If your site uses tracking or reporting software, like analytics or conversion tools, then you will likely be using cookies. You will need to notify visitors and ask them to accept.
We also recommend having a page on your site outlining what cookies you have and how they are used.
If you are a big business, you need to appoint a Data Protection Officer, whose first responsibility is to report these breaches.
These are just a few of the key changes you need to be aware of to be compliant with the law. Of course, we recommend you seek professional legal advice where necessary. If in doubt, or if you’d like us to help with any of these changes, just get in touch. Remember: it is your responsibility as the business owner to make sure your website and marketing are compliant; the fines for failing to do so can be very high. Don’t delay!
About the author
Founder & director of Web Wise. He writes about web design, marketing, entrepreneurship, investing and games. Dan regularly speaks on these subjects and is available for coaching and consultancy.