What is GDPR?
The General Data Protection Regulation (GDPR) is a series of changes to the way data is captured and handled by everyone in the EU. The intention is to regulate and give more control to website users more control over their data is captured and handled. If you control a website and capture data from a user, they have the right to request that you erase this data.
25th May 2018
Does this affect me?
If you are an organisation within the EU which collects user’s data this means you, whether that be you’re collecting emails for marketing purposes or have a contact form. If this is the case, you will need to review your website and make some adjustments to become compliant.
What if I don’t comply?
The penalties for being non-compliant are fines up to €20 million
But the UK is leaving the EU?
When the GDPR comes into effect the UK will still be in the EU and furthermore plans to incorporate EU law into it’s own after leaving, this includes the GDPR law.
What actions do I need to take to ensure I’m GDPR compliant?
- Forms – If you have forms you may need to update the way these are handled
- Unbundled opt-in – If you have a tick box opt-in you may need to separate and clarify what you are opting in for
- Easy consent withdrawal – You need to have an easy way to request withdrawal of consent
- Name third parties – If you’re web forms are sending agreeance but not mentioning 3rd parties you will now need to do so
- Privacy / Terms and conditions – You'll also need to update your terms and conditions on your website to reference GDPR terminology
- Online Payments – If you are an e-commerce using a payment gateway and store any of this information you need to remove this information after a reasonable period.
- Is your website secure – To ensure your e-commerce website sends data securely you’ll need to make sure your website has an SSL certificate (HTTPS)
If you require any assistance becoming GDPR compliant or have any queries as to what changes you may have to make to your website feel free to contact us