
26 Feb Is My Website GDPR Compliant?
Is Your Website GDPR Compliant? Get Ready for the General Data Protection Regulation with our GDPR website audit
The Digital Age Of Consent is upon us. GDPR stands for General Data Protection Regulation. This means that any information being used by your site, be it from Google Analytics, email forms or any other data collection service, needs to comply with the GDPR.
GDPR Compliance and your website
Under GDPR, simply saying “click here to read our privacy policy” is no longer enough. Your website will need to explain clearly why you are collecting personal data and how you intend to use it. If you intend to make any data available to third-party providers (such as Google Analytics or telemarketing companies), you need to get explicit consent for that.
For consent to be valid, it will need to be freely given, specific, informed and unambiguous, indicated through a statement or a clear affirmative action, such as actively ticking a box.
When does the GDPR take effect?
The GDPR will be put into action on the 25th of May 2018. If these regulations are not put into effect and data from your site is breached, your company could face up to €20 million in fines, or up to 4% of your annual turnover.
What about Brexit?
Although the UK is leaving the EU, the GDPR is already in place and will still apply to the UK and its residents long after Brexit.
What Does Our GDPR Website Audit Do?
We audit your site and all subdomains and provide you with a clear, easy-to-understand report covering all the aspects below, with advice on what should be done for your website to reach GDPR compliance.
Privacy Policy – A privacy policy is a document on your site that states data usage and disclosure and management of a visitor’s information. We can provide a privacy policy based on your website and what kind of information you are storing or collecting.
Cookie Consent – A cookie policy is needed along with a warning notice, which appears as soon as someone clicks on the site, listing all cookies used and what they are for.
SSL Certificates – An SSL certificate is most commonly recognised by the padlock symbol you see at the beginning of the URL. This means that the site has an SSL certificate and a safe, secure connection. We can provide an SSL certificate to any site, but the requirements to install it vary according to how your website has been developed.
Email Campaign Management – This is so that you are able to schedule and manage emails and email campaigns, as well as keep track of who is opening and engaging with your content. A secure database and an unsubscribe feature are key to keeping in line with GDPR.
Opt-in Email Marketing – This is to ensure that anyone visiting your site is asked permission to opt in to any email marketing or other services you may offer. It is important that this is obvious to visitors, as it is part of the new regulations. We can provide our services to screen your site for anything that may require an opt-in option to be available. This needs to be agreed to by the visitor and not offered as an opt-out option.
Customer Database – These sites can only be accessed by secure login and the SSL certificate protects the data the site is collecting.
Captcha Feature – A captcha is a security feature that is helpful to websites; this prevents businesses from receiving spam or automated data. Adding a captcha also helps to keep your website more secure, as hackers can use forms on your website to breach your website's private data.
Website and Plugin Security Vulnerabilities – Are your site and CMS secure? We check for out-of-date CMS packages and plugins, known vulnerable scripts and extensions, and hosting and server weak points.
Make It Easy To Remove Data If Requested – It needs to be as easy to withdraw permissions as it was to grant them.
To book your FREE GDPR website audit, get in touch via email or call on 01234 834719