Tag Archives: GDPR Compliance

GDPR is Here – What Now?

Category: News
May 28, 2018
Unless you were living under a rock, it was hard to ignore anything and everything related to GDPR compliance last week. Whether it was the constant inflow of “privacy policy updates” to your inbox or panicking over trying to make your own website compliant by the 25th, chances are the majority of your time during the week was taken up with GDPR-related issues. As you may be aware, the 25th of May marked the introduction of the GDPR law, and it is the rules laid out as part of the regulation that will be enforced in the future.

To protect your business from fines for non-compliance, it is vital that you make sure you are meeting the standards set out by GDPR. Whilst every website is unique and will require different changes depending on its industry, there are a few things that every business must make sure it has done across the board to be in line with GDPR compliance. These include:

Cookie Plugin: Your website must have a notification upon entering the site that alerts users that your site has cookies. The option to view and disable these cookies must be presented to the user for the site to be GDPR compliant.

Privacy Policy: You must have a privacy policy, with links to your policy enabled throughout the site.

Cookie Policy: You must have a cookie policy, and this must be linked to in the aforementioned cookie plugin notification.

Data Statements: Under any forms where users are inputting information to you, such as contact forms, you must have a visible statement which outlines what you will be using the data received for.

Terms and Conditions in checkout: If your site has an e-commerce element, you must have an opt-in box that users must tick that says “I have read and understand the terms and conditions” before they input their card details to complete a purchase. It must be mandatory for the box to be ticked to complete the purchase, and a link to the terms and conditions should also be available.

These 5 are a few important elements that must be implemented in your quest towards GDPR compliance; they are not, however, an exhaustive list. Depending on your website, there may be many more changes which need to be made, or only a select few more may be required. For a full comprehensive review of your website by 2Cubed, which will outline exactly what, in our opinion, is required to aid your website towards GDPR compliance, please feel free to get in contact with us today!

What The GDPR Means For Your Website

Category: Tips and Tricks
November 9, 2017

What is GDPR?

The General Data Protection Regulation (GDPR) is a series of principles designed to strengthen the protection of data for EU citizens and residents. Having been ratified in April 2016, it will be enforced by every EU state from the 25th of May 2018 onward and represents the single greatest advancement of EU data privacy in more than two decades.

While many of the legislative principles that make up the GDPR are similar to those found in the current Data Protection Act (DPA), there are a series of new measures and significant enhancements involved.

Introduced in order to protect individuals from potential future data breaches, the GDPR will allow individuals to wield far more control over the personal data companies retain about them and will place significant emphasis on businesses' ability to demonstrate data control and security.

Who will be affected by GDPR?

These changes will impact any company that collects its clients' personal data, whether it’s through a website, an app, email or any other means that results in personal data being retained in an internal database.

This means that many businesses will have to adjust their approach to data retention and transparency in order to ensure they don’t incur a non-compliance sanction of up to €20,000,000 or 4% of annual worldwide turnover.

Make sure you are GDPR compliant 

Data transparency between companies and individuals is a cornerstone of the GDPR. Companies will be required to inform individuals:

  • What personal data are being retained

  • How their personal data are being used

  • Who is using their data

  • How long their data will be stored for, and

  • Who to contact with regard to obtaining further information on the company’s data processing procedure

In conjunction with data transparency, data security is paramount to maintaining GDPR compliance. In order to ensure this, firms will be required to carry out an online review, answering the following questions:

  • Does our target market include EU citizens? (Check currency listings, etc.)

  • Does our website contain a comment section?

  • Does our website facilitate newsletter subscription?

  • Does our website gather and retain personal information or online identifiers such as IP addresses via analytics?

Following this, it will be beneficial to carry out a review of the personal data being collated and retained, under the following headings:

  • Why are these data being collated?

  • Why are these data being retained?

  • How long will these data be retained?

  • How secure are these data?

Over the course of these reviews, any potential weak points in a firm’s data protection protocol should become clear and allow the company to take the necessary steps to maximise data security and minimise their risk of GDPR non-compliance.

Suffice it to say, this is a highly simplified guide to GDPR compliance. If you have any questions or concerns about the potential impacts of GDPR on your firm, please contact 2Cubed and our web development experts will be happy to help.