What is GDPR and what should we look out for?

GDPR stands for General Data Protection Regulation, a European Union-wide law on how data is collected, used and stored. It applies to anyone who collects or processes personal data. Breaches of the law not only result in fines of up to €20 million, but can also seriously damage your company’s reputation.

If you have a website that can be accessed by EU users, you will probably need to make your website GDPR compliant. If you haven’t already done so, you could potentially face a significant fine, as the GDPR compliance date was 25 May 2018.

The main purpose of GDPR is to protect the rights of EU residents and give them more control over their personal data. In recent years, many businesses have realised how GDPR affects websites and owners, with a host of changes following to ensure their sites are compliant. However, some businesses are unsure of how to make their website GDPR compliant, while others have ignored GDPR requirements entirely and could face severe financial penalties.

How to make your website GDPR compliant

One of the key requirements to make your website GDPR compliant is to address the issue of consent. Information cannot be collected and processed unless consent is obtained from the user. While most websites describe in their privacy policy the information that is collected and how it is processed, under GDPR this is not sufficient.

It is no longer possible to argue that continued use of the website constitutes consent to the site’s privacy policy. Consent must be obtained explicitly, through a clear, affirmative action by the user. If your website doesn’t collect personal data (including IP addresses), doesn’t use cookies, and doesn’t have contact forms or newsletters, you won’t have to make changes to comply with GDPR.

Under the GDPR, it is not acceptable to use pre-ticked boxes when obtaining consent to collect and process personal data. Users must provide clear consent and if checkboxes are used, they must be manually ticked by users. Visitors must be informed how long their personal data will be stored and the individuals with whom the information will be shared.

The data collected must be limited to the minimum amount necessary to achieve the purpose for which it is collected. GDPR also requires all personal data to be secure, so data encryption must be considered.

It is important that visitors can easily contact you if they wish to exercise their right to be forgotten, request a copy of any data that is collected or check their personal details for accuracy, so all contact information must be up to date.

Should a website visitor wish to be forgotten, it is useful to have a mechanism that allows this to happen automatically. Performing such a task manually will be time-consuming, especially if multiple requests are received.

It is the responsibility of all website owners to familiarise themselves with GDPR rules and make their websites compliant. If a breach is found, the supervisory authority must be notified within 72 hours.

Author:

Christian Pangratz

Christian Pangratz is the CEO of LabForty, with strong aptitude for strategically assessing, formulating, and solving technical & business challenges in software development. Chris is result-driven with a taste for high-impact projects that cross multiple industries.
