Unless you have been hiding under a very big bush for the past month, you will have been getting bombarded by emails about every website and email list updating their Privacy Policies to be compliant with this new EU GDPR regulation.
For those who HAVE been under a bush The General Data Protection Regulation (GDPR) is the new set of rules concerning the privacy and security of personal data for EU citizens.
These rules aim to improve the control people have over their data – this means new rights for anyone wanting to access the information businesses hold about them, an increased level of accountability for businesses managing data, and greater fines for any businesses that don’t comply.
Now it may seem that we are a million miles away from this in the South Pacific and Fiji, we have to accept that EU Citizens are free to, and will visit our websites and register and use our contact us forms. BINGO! This law impacts you!
We feel that we should also all be honest with ourselves and accept that this new privacy law will become THE standard that our visitors and clients will see as the ‘right way to do things‘, and if you don’t have it, then your website will be seen wanting, and untrustworthy and possibly unsecure.
Top 5 ways to implement a GDPR compliant system
So here are out simple Top 5 ways to implement a GDPR compliant system on your website :
#1 Update your Privacy Policy
Having an up to date Privacy Policy shows willing in disclosing to your website users about what data and tracking systems you use. There are now many tools out there to assist with this so it shouldn’t be too difficult for the first pass.
#2 Have an Automatic system for users personal data retrieval/deletion
Having an automatic system for data retrieval/deletion means that you don;t have to deal with it manually (think of all those email requests eeek! 🙁 ). There are now a whole mix of plugins and extensions to add to your website all claiming to do this, so shop around. Do be aware that most of them just check in the WordPress Users database, and will overlook your most probable database of personal info collected by your Contact Us form… Depending on which forms plugin you use, you will need to implement different systems.
#3 Make all these tools and information front and centre and easy to find
Don’t bury your privacy policy in sa sub sub menu somewhere requiring any user to hunt to find it, or indeed use search! Have it where we all expect to find it, at the bottom of the page in the footer. And call it what we expect “Privacy Policy“, not some obscure page called “Your privacy is important to us”… Look atour footer, go on scroll down, you’ll see it 🙂
#4 Chat to some lawyer/Solicitor friends
Where all of this is welll and good and has the correct intentions of complying with this law, as every other article in the world currently states, we are not lawyers and this is NOT legal advice. This is just some technical advice on how to get the tech done and advising you to get your website compliant! Once you have implemented your best practice system, then get a legal advisor to review it for legalities in your own country and for compliance with this EU GDPR Regulation.
#5 Encrypt your website using TLS1.3
We are hoping we don’t have to bang this drum for much longer, but lets just say that we all need to have secure websites, like LAST YEAR! If your site does not have https:// at the start, and a current little green padlock in a browser, you are WAY behind the times. Talk to your web team or host as fast as you can to get this put in place, or drop us a line to help.
Be proud of having made the move and tell people, it’ll generate trust
As with all the tools and pages above being public, send out info and press on your website and through your scoil media pages and profiles, stating that you are doing the right thing. Put out a press release stating that you have the best interests of your users at heart and are doing everything to ‘do the right thing’.
We are here to help 🙂
Now of course you will see that our own website is compliant and has followed all our own advice. So you can see examples of a solid Privacy Policy here, and a set of tools to ensure our users and form users have access to their Privacy Tools.
If you find all this a bit too much to handle at the moment we are implementing these solutions as a first step on about 1 site DAILY at the moment and can discuss ways to get yor website up to speed. Drop us a line!
Remember we are all due to be in line with this and compliant by tomorrow, 25th May 2018.