Understanding GDPR Compliance

Written on May 25, 2018

What is GDPR?

The European Union has created GDPR, which is a new data privacy regulation. It regulates the collection and use of EU member state citizens’ personal data. The regulation itself is an unbelievably long list of rules and protocols for handling personal data and goes into effect on May 25th, 2018.

Most site owners will assume that these regulations do not apply to them. In the case of local businesses that collect minimal data, this will be true. The law was intended to protect the citizens of the EU regardless of where the business is located. Enforcement for non-EU entities and businesses may be difficult, but it is better to be safe than sorry.

What are the Main Changes?

The main change with GDPR is that “Implied consent is no longer sufficient”. In the past, a “Privacy Policy” page linked in the footer was enough to satisfy legal requirements of the EU. The understanding was that the website consumer was responsible for being proactive and reading these terms. The new GDPR regulations require the user to consent to any data collected. A developer can satisfy this requirement with a notice the user can click with a link to a page describing any data collected and also its use.

How to Achieve GDPR Compliance

The first step to achieve GDPR compliance is to understand what data you are collecting from your website forms, cookies, and by any other means. Technically, even a website with no contact form that has Google Analytics installed will generate a cookie on the user’s system.

Once you determine what data you collect and how you use it, you then have the obligation to notify the user. This is normally done with a “floating” bar in the header or footer. A CMS like WordPress makes this pretty easy to achieve with a plugin. I am using GDPR Cookie Consent on ShaneWebGuy.com. I am not collecting any data, but would recommend the paid version for any website that was planning to collect data for any re-marketing.

It is the responsibility of the site owner to evaluate and understand the new GDPR laws. A larger organization where commerce is involved should get professional legal advice to minimize their risk. If you have any implementation questions, feel free to send me a note from my contact page and I will do my best to help.

About Shane Clark

Shane has been involved in web development and internet marketing for the past fifteen years. He started as a network consultant in 1999 and gradually evolved into the role of a software engineer. For the past eight years, he has been involved in developing and marketing websites on a white label basis for marketing agencies throughout the US. His hobbies include traveling, spending time with his family, and technical blog writing.
