GDPR – The 5 need to know points for your website

Unless you have been living under a business-proof rock for the past few months, I am sure you are sick to death of the GDPR widespread fear factor pandemic! Although at the same time it would be nice to know what to do on your website to ensure you don’t get bitten in the butt by the GDPR bug!

If you have been under said rock, and don’t know what GDPR is then skip to the bottom of this page for an overview + legal disclaimer.

Our Essential GDPR / Website Guide

1. SSL Certificate – Protect your data from breaches

You may have spotted the little green padlock in your browser when visiting some websites – this shows your site is secure with SSL. We would recommend getting an SSL certificate as it goes a long way towards ensuring your data is not breached to begin with.

This helps stop any third parties stealing user data when accessing your website and shows your users that you take their privacy seriously.

Other added SSL benefits are

  • Google favours websites with SSL in their rankings
  • Users will trust your website over others that do not have this
  • As we provide these as part of our Premium Hosting, this also means faster load times + additional increased Google Rankings along with firewall protection & backups
  • Users don’t see a ‘not secure’ message when submitting contact forms on new browsers
  • This is a quick fix we can arrange with a fast turnaround

Contact us for pricing and more info

 

2. Website forms – Say what you do with data

The chances are that you have some sort of data input forms on your website, whether it’s a contact form, download form, email subscription or e-commerce basket. It is advised in these areas to say exactly what you do with the data taken i.e ‘We do not share this data with any third parties’.

If you do share data with third parties, then you must have a check box for users to ‘opt-in’ (not ‘opt-out’) to this and also list exactly each company the data is shared with.

Note: We are offering this free for anyone who takes out our premium hosting with SSL certificate from 1st May to 30th June 

3. Cookies – Opt-out message

Cookies are little chunks of info that your website plants on a users computer to collect data. Not all cookies are used in a way that could identify users, but the majority are and will be subject to GDPR regulations. If your website uses Google Analytics, or any kind of analytic tracking of users, surveys or chat tools then these will all fall under GDPR.

Implied consent is no longer accepted (i.e by using this site you accept the use of cookies). You must now have an ‘opt-in’ option to do this, you may have seen the little drop downs on a lot of websites asking to accept the use of cookies.

You must also have an easy ‘opt-out’ option for users that may have opted in but changed their minds and this must be easy to do.

Note: We are offering this free for anyone who takes out our premium hosting with SSL certificate from 1st May to 30th June 

4. Email Marketing – Users must opt-in, not out

This is the one everybody is confused about. So let’s simplify it..

In essence as long as the client has shown a legitimate interest in your business service then you can market to them in relation to that particular service. If you plan on marketing to them about a completely unrelated service then you must give them the option to ‘opt-in’ to this at the very start (not opt-out).

As well as giving them the option to ‘opt in’ you must also list exactly what this other marketing will be, and remember to say if you are sharing it with any third parties and list who. On each marketing email you must also have a link giving users the option to easily ‘opt-out’ at any point.

It is a good idea to send an email to any current email marketing list giving users the option to ‘opt-in’ too.

 

5. Privacy Policy – Get it up to scratch

No longer is it the case that a privacy policy can be simply copied and pasted from an online template. It’s not really a ‘one size fits all’ scenario any more as you may be left wide open.

Your privacy policy should really be specific to your type of business and even your business precisely. Here we recommend speaking to a solicitor.

Luckily we can help here too and we work very closely with a digital specialist solicitor, contact Four Oaks Legal Services for more details

What now?

To make things simple – If you get SSL / Premium hosting + security updates with us between now and July, we throw in everything else. Done and dusted.

Point 2 : We will add relevant messages throughout your site.

Point 3 : We will add a free cookie ‘opt-in’ popup message on your website.

Point 5 : Get your privacy policy updates from Four Oaks Legal Services and we will add this onto your website inclusive.

Or alternatively we can provide individual elements or any further advice if needed! 

Contact us today via our contact form or email info@inlife.co.uk


What is GDPR

GDPR stands for General Data Protection Regulation and comes into play on 25th May. It effects ALL businesses and is the new EU regulation around how your business handles data. This is all personal data of individual or business. The aim is to increase protection of your data and to stop all the spammers and misuse of data out there (which is a good thing) however it does cause a bit of a nightmare for those of us that are already responsible companies.

If you do not comply you can be fined up to 4% of your annual business turnover, however it is going to be more of a case of reactive rather than active policing (so if someone complains or rats you out)

If you want some bed time reading, read more here

The good old legal disclaimer

Please be aware we are not solicitors or legal experts. So we are not providing legal advice and would always recommend speaking to a solicitor. We can only advise on website aspects of GDPR and security you can put in place.

(We do however know a great digital specialist solicitor if you do want some help with this then speak to the lovely people at Four Oaks Legal Services)