GDPR - what website owners should know

As the owner of a website, you are someone who has certain rules and responsibilities that you must follow.

​

For years, though the lawless nature of how data is used online was contained in wordy, lengthy privacy policies. We know that most people simply hit ‘Accept’ and sign away the use of their data, only to find out that has many negative consequences later on. Thankfully, a regulation chance has come in the form of the General Data Protection Regulation (GDPR). This is a European Union wide data protection transformation, and will impact on you even if you only indirectly do business with the EU.

Basically, in this new set of regulation, you are under much more scrutiny for how you handle and use the information of people.

While in the past you could more or less do as you wish with this information, today there is much more stringent control on you and what you can do with the details people give you. For one, you need to make it as easy as is possible for these people to opt out, and you have to be transparent about data usage.

What else matters, though?

I’m not in the EU, though?

So long as you even do business with someone in the EU, though, you will need to either comply with GDPR rulings or geo-block all EU nations from accessing your site. Even if you are going to have a website where an EU citizen might come along to visit, you should look to adhere to all GDPR changes and rulings.

It might sound like a pain in the neck, but you can easily hire a GDPR compliance expert. They can go through the whole process with you, and spot what has to change.

This can be quite useful if you are not someone who is minded of such matters. If you want to avoid having to deal with the jarring and complex nature of GDPR, but want to make sure that you tick all of the boxes, then you should probably look to work with a GDPR expert.

You should not simply ignore GDPR, though. It’s one of the single biggest changes to how we manage and use data in some time, and your business will be impacted by it in numerous ways. So, what should you be looking for moving forward?

Making Contact Clear

First off, you will need to go about changing most of your contact forms on the site. This might sound boring, but it’s essential if you want to be compliant with GDPR. This is going to be used by pretty much all websites – what reason would you have a website if you don’t want people to contact you and use your service/products?
br/> To make sure that you are fully GDPR compliant, make sure to adjust all of your contact forms. To do that you have make sure there is a clear justification for asking for certain details. So, for example, asking for a full name or an e-mail address: under GDPR, people have the right to know why you want that information. Add a qualifier for every piece of data that you ask for, and you can make your life a whole lot easier.

You will also need to add things like tick boxes to make sure people can agree to be contacted, to make sure that they agree to your terms and similar changes. You will also need to make sure that nothing on your boxes are ticked by default: everything must start unticked, and users must be able to say no without being restricted.

Better Mailing Standards

You also need to change up the way that you market to people, particularly when it comes to using an e-mail marketing campaign. Now, you cannot send unsolicited e-mails to people – so this means that cold calling, in effect, is dead under GDPR.

You will need to start e-mailing all of your present subscribers and ask them to sign back up with you. the reason why you need to do this is simple: you have to regain permission to contact people once again to future updates. Having prior consent is no longer enough: under GDPR, you need to ask again.

Should they not respond asking to be marketed to, then they must be removed by the system. This is part of the reasons why you should look to make GDPR compliance a part of your business for the long-term. A failure to comply is going to get quite messy, and will no doubt cause you more harm than good.

Instead of taking any risks with your business, be sur to change up how you send out your e-mails. If you make it all bit clear than before, then you are much more likely to find better customer response.

Editing Policy

Another key part of your business change will come from how you manage in-house policy. One of the biggest problems that you face at present is an inability to change your policies to make them anything but easy to understand. Many privacy policies are wordy, length and utterly needless.

Now, you must add a privacy policy to the website footer and make it easy to access. It should make it clear what you use your customer data for, and what you are asking for permission to use the data for. You should look to get this dealt with ASAP, as your company reputation is on the line if you just allow poor policy handling to hang over it.

As ever, you should look to make changes as soon as you can. GDPR came into place in May 2018, so failing to comply now is actually already hurting your business. You should get a bespoke appraisal of your business carried out as soon as is possible.

This will make it much easier for you to make the adjustment that you need to help stay out of the sights of GDPR compliance officers.

Casino Pick have created the following infographic which discusses the facts around GDPR: