Never too late for Website Design GDPR!
Website Design GDPR – overview:
Website Design GDPR needs to be considered for new and existing websites. It’s not too late for GDPR and it is actually a good thing! The EU’s General Data Protection Regulation (GDPR) came into effect on 25th May 2018 and is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used. Although that date has passed, you can still take action to ensure that you are compliant with the new legislation.
What you need to consider for your website:
Simply put, Website Design GDPR affects all aspects of online business life. Any company operating within the EU that handles and stores personal information will need to adhere to the new rules. GDPR does not discriminate between business giants and small businesses. Furthermore, the penalties for not complying with GDPR will be very severe. Violation of the terms of GDPR can result in a penalty of 4% of your company’s annual turnover or a fine of 20 million euros (whichever is higher).
Website Design GDPR Compliant Websites – the very basics
Explicit consent is needed for certain basic website functionalities:
- An Opt-In/Opt-Out Procedure: Consent needs to be freely given, specific, informed and unambiguous. It must be a positive opt-in and cannot be inferred from pre-ticked boxes or inactivity.
- A means for users to request to view their data: This needs to be possible for your users, and requests for data must be granted.
- “Right to be Forgotten”: Provide your users with a way to withdraw consent and purge the personal data you have collected about them.
Online Payments & GDPR
Online stores need to collect and store personal data in the form of delivery details and more.
You need to remove any personal information after a reasonable period, for example, 60 days. The GDPR legislation is not explicit about the number of days, and “reasonable” is up for debate, but as a general rule, if you don’t need to keep it, don’t keep it.
Google Analytics & GDPR
Google Analytics is used by most website owners as a means to see how well their website is functioning, ranking etc. As there is no “personal data” being collected, this is not directly impacted by GDPR. That being said, it is always beneficial to be transparent and advise the user that analytics is configured.
Website Design GDPR – Useful Links
Wikipedia GDPR has a great article regarding Website Design GDPR (and GDPR in full).
It is also worth visiting the complete GDPR articles which can be found by clicking this link.