THE NEW GDPR REGULATIONS AND HOW TO MAKE YOUR WEBSITE COMPLIANT.

April 19, 2018

The new regulations are of importance to anyone who collects and processes personal data from their customers. This includes organisations that run websites and apps as well as internal databases, CRMs and email.


The entirety of the GDPR is a huge document, so in case you don’t fancy reading through it, we’ve highlighted the most important parts to help you come to terms with the new regulations. The maximum penalty for not following the rules is €20 million, or 4% of your global turnover, so it’s vital that it’s taken seriously! The legislation will be enforced on 25th May 2018.

 

The GDPR (General Data Protection Regulation) is a new EU regulation that strengthens data protection for EU citizens and residents. Essentially, it ensures that businesses offering their products and services to customers in the EU are looking after their personal data correctly.

 

CONSENT

Obtaining consent is a key part of the new GDPR legislation. It is vital that any website that collects personal data gets specific permission to use it. Anyone who visits your website must understand exactly how you plan to use their data, and they must agree to each specific purpose. If you are storing a customer’s email address because they have placed an order, you can only send marketing information to them if they have agreed.

 

Privacy and cookie notices may need looking at to ensure they comply with the GDPR rules. They need to be simple, easy to understand and free of any jargon.

 

ACCESS

The new GDPR legislation means customers must be aware of who will have access to the personal data that is stored within the back-end of the website. The first step businesses need to take is to understand who this is and put a list together. Look at the list and ask yourself whether they all need genuine access to the personal data. Those who don’t should have their permissions withdrawn with measures implemented for future access.

There should also be a process for deleting data that is irrelevant or no longer required. Companies are not allowed to hold on to personal data for longer than is necessary.

Businesses should review any external agencies that may have access to their data. Agencies should be able to explain what measures they are taking to maintain maximum security of data. Even if elements of the process are outsourced, it is ultimately the responsibility of the business.

 

ENCRYPTION

The new GDPR legislation means it is vital for any data submitted to your website to be encrypted. Encryption will mean your data will not be captured, and you should ensure the necessary measures are taken. Installing an SSL certificate on your website will ensure data is encrypted.

If your website does not have the padlock symbol in the URL bar of the browser, it is not covered by an SSL certificate.

If your website needs to be made compliant with GDPR legislation, we can help.

 

For more information, get in touch with the Digital Infotech IT team today by giving us a call on 0800 6125 347 or via our contact page.
