By teknet on Thursday 15th November 2018, 9:44am
It’s been almost 6 months since the EU’s General Data Protection Regulation, or GDPR, came into force. The new regulations, which have been law since 25th May, mean an increase in online data protection for personal data.
It is now legally required for websites to be compliant with the GDPR, and being found to be non-compliant can lead to a fine of either 4% of global annual turnover or €20 million. Since either of these would be pretty bad, it’s worthwhile being compliant with the regulations.
But why are we saying this now? Why not 6 months ago? Well, this post we wrote way back in May highlighted the importance of being GDPR-compliant – but as a lot of websites still aren’t, we’ve written an update about it.
GDPR was an important thing before its implementation – it was mentioned across blogs and TV shows quite regularly for a couple of weeks before May 25th. On the day it came into force some high-profile websites weren’t available in Europe because they weren’t ready for GDPR. But since then people seem to have forgotten about it – which is probably one of the reasons why so many websites still aren’t compliant.
If your company is one of those still to adopt a GDPR outlook, you should consider updating your website so it is compliant with the guidelines. Even if there haven’t been many fines yet, that doesn’t mean there won’t be soon. You don’t want your website to be one of those fined.
So, if you’re not GDPR compliant, what can you do? There are a few things to address to ensure your website is in line with the regulations. Here are some of them.
An SSL Certificate makes your website more secure. It can also improve your search engine rankings, as search engines like Google prefer sites with SSL Certificates to those without.
The basic idea of an SSL Certificate is to encrypt personal data entered into your site, such as payment details, as it is sent to your server. This means the information can be protected, which will help with GDPR compliance as there’s less chance of a data breach. It means personal data is more secure.
The inclusion of a Privacy Policy on a website is a key part of GDPR. Not only that, it has to be easily visible to site visitors, so they can find it.
The policy itself needs to have a few things included – like saying what you do with any personal data entered into the website and how it’s stored or used. There’s more required too – it’s pretty much informing the customer of everything they need to know about you and what happens to their data.
A Cookie Policy should detail which cookies are used on a website and how long they’re stored for. It should also include information about what each one is used for.
A cookie declaration might be a good idea too – it allows people to choose whether they want to opt in to or out of the use of these cookies.
Forms are similar to the Privacy Policy, in that they need to say how data is going to be used. This includes saying what will happen with data entered into a contact form – for example, responding to their message.
All of these things are important to the GDPR guidelines. Making your website compliant is beneficial not only because you’re then compliant with EU law; it has other advantages too. We’ve already mentioned a possible improvement in SEO from installing an SSL Certificate, but the introduction of all of these things could also help website visitors trust you more. For more ideas on how to do this, check out this post.
Although GDPR came into force almost six months ago, it’s not too late to update your website to become compliant. Just because your company hasn’t been fined yet doesn’t mean it won’t be – so isn’t it worthwhile to make your website compliant as soon as possible?
Teknet Software can help you with this and update your website so it follows the regulations! For more information about this, you can fill out the form on our Contact page! Alternatively, you can email hello@teknet.io or phone 0800 488 0400! If you’d like to know more about our bespoke software services instead, check out our Services page!