Loading...

The “General Data Protection Regulation” (GDPR) will be enforced on the 25th of May 2018. Its aim is to give people more control over how companies use their data. Those companies that do not lay out, and adhere to, their policies in a clear and concise manner are liable to a weighty fine. Are you ready?

“But what if I don’t collect any personal data?”

Simply by having a website it is almost guaranteed you are collecting data. The EU has substantially expanded the definition of personal data under the GDPR: online identifiers such as IP addresses now qualify as personal data. If the data you process could be combined with other data to identify someone, it can be classed as “Personal Data” or “Personally Identifiable Information”.

  • Your website will most likely use cookies in order to enhance your users experience on your site. Cookies carry a modest amount of data which can include usernames and/or IP addresses. GDPR classes this information as “personal data” and as such you will need to comply with the new regulations.
  • If you have a mailing list or a newsletter, this will also hold personal information. If you use a service such as MailChimp or Campaign Monitor and people sign up via your website, you are taking personal data and passing it on to a third party.
  • Google Analytics may be installed on your website, in which case you are collecting data.
  • If you operate an eCommerce website then you are obviously collecting user data (as it is required to complete your orders).
  • If you have any contact forms on your website, your user is giving you their data whenever they use those forms.
“What does this mean for me?”
  • As a website owner it is your responsibility to stay within the law. You need to revisit your Privacy Policy to make sure it is compliant, comprehensive, and relevant to your business. Using a template and hoping it covers you is no longer enough.
  • You need a to present a cookie policy to your user. Cookie law requires presentation of a banner on the first page the user visits on your site – it is important to note this may not always be your home page.
  • You must ensure any contact forms, signup forms or any other area on your site in which your user inputs their data carries a checkbox where they give you consent to use their data. This box cannot be pre-checked.
  • You need to have adequate security on your website to prevent any breaches. Failure to do so would be a violation of GDPR.

These laws will affect you! Your business can be fined for breaching GDPR: up to a maximum of 4% of annual global turnover or €20 million, whichever is higher.

We have an easy solution:

At Redfoot Works we want to ensure our clients don’t get caught out by these complex new regulations and so are rolling out a service that will ensure your Privacy Policy and Cookie Consent are always up to date and compliant with the law. Here’s how it works:
  • We enlist the services of an external group of lawyers, designers and developers that create legal documents for websites. Once these have been generated specifically for your website they are hosted on an external server and embedded into your site.
  • The legal text is then automatically updated any time the law changes and as such the information stays relevant – you don’t have to periodically call your lawyer to do this for you.
  • This service also includes a cookie policy based on the contents of your privacy policy, and also the legally required banner every user needs to be presented with when they land on your site.
  • On top of this we will add any checkboxes required for your eCommerce pages or any contact forms you have.
Our GDPR solution is a monthly service: this ensures the wording of the documents can be continuously revised by a legal team (and is considerably cheaper than hiring a lawyer!). If you want to find out more you can get in touch here.
2018-05-10T15:57:13+00:000 Comments

Leave A Comment