Privacy Policies & Cookie Consent
The “General Data Protection Regulation” (GDPR) was approved and adopted by the EU Parliament in April 2016, and replaces the “Data Protection Act”. It seeks to give people more control over how organisations use their data, and introduces hefty penalties for organisations that fail to comply with the rules, and for those that suffer data breaches.
Is your website GDPR compliant?
The maximum fine for ignoring GDPR is considerable: 4% of your annual global turnover or €20 million – whichever is higher
Simply by having a website it is almost guaranteed you are collecting data. The EU has substantially expanded the definition of personal data under the GDPR: online identifiers such as IP addresses now qualify as personal data. Pseudonymised personal data may also be subject to GDPR rules, depending on how easy or hard it is to identify whose data it is.
- If you have a mailing list or a newsletter, this will also hold personal information. If you use a service such as MailChimp or Campaign Monitor and people sign up via your website, you are taking personal data and passing it on to a third party.
- Google Analytics may be installed on your website, in which case you are collecting data.
- If you operate an eCommerce website then you are collecting user data required to complete your orders.
- If you have any contact forms on your website, your user is giving you their data whenever they use those forms.
- You must ensure any contact forms, signup forms or any other area on your site in which your user inputs their data carries a checkbox where they give you consent to use their data. This box cannot be pre-checked.
- You need to have adequate security on your website to prevent any breaches. Failure to do so would be a violation of GDPR.
Here’s how we can help you: