Making your website GDPR compliant

With just a month to go until the General Data Protection Regulation (GDPR) comes into force on 25th May 2018, many businesses are beginning to consider if the new regulations will affect how their business operates.

Need to know: What is GDPR?

The GDPR is a new set of data regulations that will impact on how businesses collect and store personal data in Europe. It will replace the current guidelines and has been designed to give individuals more control over the data organisations hold on them.

The new regulations will also make it easier for businesses to understand how they can collect and store personal information and outline how data can be shared.

There are some significant changes; however, the one that affects the online world the most is that businesses will need an individual’s consent before processing their personal data. This gives people the opportunity to find out how their data will be used and gives them the chance to request that their data be erased.

As most websites will collect and store customers’ personal information, it is vital that they ensure their website is compliant with the new regulations, as failure to do so could result in hefty fines.

Making your website GDPR compliant

As the GDPR regulations are extensive, there are many different processes that will need to be implemented into your website. However, the following are the most basic exercises that would help towards your website becoming GDPR compliant.

Double opt-in contact forms/newsletter sign-ups

As your customers will now need to know what their data is being used for, it would be ideal to offer a double opt-in contact form option. This means that when they are providing their personal information, they will have to tick two boxes that explain what their information will be used for.

It is no longer suitable to have an ‘if you do not consent please tick this box’ option; you must have a positive opt-in option for your customers.

Update your privacy notice

This should outline your reason for collecting data and explain how it will be processed by your company. It is an essential document that all businesses that are collecting data should have on their website.

It should also go into detail about how information is stored and the process of requesting to see information and having it removed.

Website security

Even prior to the new GDPR regulations, website security has been something that we put a heavy focus on for our clients. However, as part of the new regulations, any data breaches must be reported to the ICO; it is therefore essential that you regularly check the security of your website for potential data breaches.

Need assistance with making your website GDPR compliant?

If you own or work at a business that operates within the EU and processes personal information, you will be affected by the GDPR.

For advice on implementing processes that are compliant with the new regulations into your website, contact our team on 01257 758078 or email us at enquiries@codeias.co.uk.