Making Your Website GDPR Compliant
First of all, we need to be clear that we are not lawyers. Although we can offer advice, we cannot accept responsibility for the information within this article. We advise that you have a legal team check that you’re GDPR compliant. Secondly, this article discusses GDPR compliance with regards to your website only. You should also be considering how you handle data outside of your website.
Do the GDPR changes really affect your business?
Everybody seems to have a different opinion on this matter and we can only share ours. Whether you agree or not is up to you. We’re not trying to scare you into spending lots of money with us on producing legal pages for your website in order to be GDPR compliant.
In our opinion, the latest changes have mainly been put in place for the purposes of much larger companies, who handle huge amounts of data, and companies that handle particularly sensitive data.
You could totally ignore the latest changes. However, if you end up having your website hacked because you’ve not kept it updated or have used weak passwords, this is likely to draw attention to your company.
A good place to start would be thinking about the data you handle. Take some steps to protect it and have a plan in place if your data is breached. You should also consider cleaning up old data.
If your website doesn’t include any of the following functionality, you would drastically reduce the information required to be GDPR compliant:
Third Party Fonts
Website Forms (Including Newsletter Signups)
Social Media Integration
Embedded Third Party Content
E-Commerce
Google Analytics
The majority of this functionality is what makes the difference between a modern day website and a website from the 90s. One other item, which is a bit of a double-edged sword, would be Anti-Virus Security. This often stores personal information, but without it, you’re putting data at risk. We would refuse to host a website without this security.
What are the penalties for not being GDPR Compliant?
If you are found not to meet the latest GDPR compliance rules, you will first receive a warning; followed by a reprimand; followed by a suspension of data processing; then a fine of up to 20 million euros or 4% of your global annual turnover (whichever is higher).
In our opinion, the maximum fine is to ensure that large companies do not ignore the regulation.
It’s worth keeping in mind that ignoring everything and waiting to see if you get a warning might result in you having to act very quickly with regards to GDPR compliance, and therefore paying a premium to have the work carried out at such short notice.
How can we help you become GDPR Compliant?
The two main areas to focus on for GDPR compliance would be a Privacy Policy and a Cookie Notice. Two other areas to consider are a Terms & Conditions page and a Disclaimer page.
We’ve created four articles that explain whether you need this information on your website, what the information should consist of, and how we can help:
Does my website need a Privacy Policy page?
Does my website need a Cookie Policy page?
Does my website need a Terms and Conditions page?
Does my website need a Disclaimer page?
In conclusion, if your website doesn’t collect a lot of data and you are comfortable using the WordPress Content Management System, you could drastically reduce this cost by using the information that we’ve provided.
…if you want to discuss further or need clarification on what’s involved please get in touch…
Call Neil or Stewart on 01926 863077 or email [email protected]