Unless you have been hiding under a very big bush for the past month, you will have been getting bombarded by emails about every website and email list updating their Privacy Policies to be compliant with this new EU GDPR regulation.
For those who HAVE been under a bush, the General Data Protection Regulation (GDPR) is the new set of rules concerning the privacy and security of personal data for EU citizens.
These rules aim to improve the control people have over their data – this means new rights for anyone wanting to access the information businesses hold about them, an increased level of accountability for businesses managing data, and greater fines for any businesses that don’t comply.
Now it may seem that we are a million miles away from this in the South Pacific and Fiji, but we have to accept that EU Citizens are free to, and will, visit our websites, register, and use our Contact Us forms. BINGO! This law impacts you!
We feel that we should also all be honest with ourselves and accept that this new privacy law will become THE standard that our visitors and clients will see as the ‘right way to do things’, and if you don’t have it, then your website will be seen as wanting, untrustworthy and possibly insecure.
Top 5 ways to implement a GDPR compliant system
So here are our simple Top 5 ways to implement a GDPR compliant system on your website:
#2 Have an Automatic system for users’ personal data retrieval/deletion
Having an automatic system for data retrieval/deletion means that you don’t have to deal with it manually (think of all those email requests eeek! 🙁 ). There is now a whole mix of plugins and extensions to add to your website, all claiming to do this, so shop around. Do be aware that most of them just check in the WordPress Users database, and will overlook your most probable database of personal info: the one collected by your Contact Us form… Depending on which forms plugin you use, you will need to implement different systems.
#3 Make all these tools and information front and centre and easy to find
#4 Chat to some lawyer/Solicitor friends
While all of this is well and good and has the correct intentions of complying with this law, as every other article in the world currently states, we are not lawyers and this is NOT legal advice. This is just some technical advice on how to get the tech done and advising you to get your website compliant! Once you have implemented your best practice system, then get a legal advisor to review it for legalities in your own country and for compliance with this EU GDPR Regulation.
#5 Encrypt your website using TLS 1.3
We are hoping we don’t have to bang this drum for much longer, but let’s just say that we all need to have secure websites, like LAST YEAR! If your site does not have https:// at the start, and a current little green padlock in a browser, you are WAY behind the times. Talk to your web team or host as fast as you can to get this put in place, or drop us a line to help.
Be proud of having made the move and tell people, it’ll generate trust
As with all the tools and pages above being public, send out info and press on your website and through your social media pages and profiles, stating that you are doing the right thing. Put out a press release stating that you have the best interests of your users at heart and are doing everything to ‘do the right thing’.
We are here to help 🙂
If you find all this a bit too much to handle at the moment, we are implementing these solutions as a first step on about 1 site DAILY at the moment and can discuss ways to get your website up to speed. Drop us a line!
Remember we are all due to be in line with this and compliant by tomorrow, 25th May 2018.