GDPR… is your website compliant?

The General Data Protection Regulation (GDPR) has been the bane of everyone’s professional lives since it was announced. With the deadline for compliance now past, many businesses have been busily preparing their wider processes to ensure everything is GDPR ready. Complying with the new requirements is of course important. As well as the prospect of facing a hefty fine – equivalent to up to 4% of your annual turnover – non-compliance may lead to reputational loss and compensation claims from affected customers.

Whilst seen by many businesses as a hindrance, GDPR is great news for your customers. GDPR will lead to a higher standard of data protection for consumers, giving them more power over how their data is collected, used and stored. It’s not all bad news for your business either: GDPR compliance could lead to an improved reputation, greater customer loyalty, more accurate data collection and usage, and greater data security, to name but a few things. As one of your main portals for collecting data, your website plays a vital role in compliance, but is it really GDPR ready? Here our online marketing experts reveal the steps you should take to prep your website for the dreaded but inevitable GDPR.

Secure your website

Keeping your website secure is an integral part of refining the processes and procedures that will keep the data you collect safe. As a business collecting data, with permission of course, from your customers, it is your responsibility to safeguard the data you collect from hackers. Keeping your website free from cyber security threats like malware, viruses and phishing is therefore a must.

Don’t forget to hit update on your software too. Regular updates will ensure you have the latest patches to close any loopholes and eliminate vulnerabilities that could be exploited. Regular backups and the use of an SSL security certificate are also steps you can take to keep customer and company data safe and secure.

Revisit your privacy policy

Privacy policies are often seen as useless documents that no customer would ever dream of bothering to read, but that doesn’t make them any less essential. Your privacy policy should inform visitors to your website of how their personal data will be used, and should do so fairly and transparently. The same theory applies to your cookie notifications. Your cookies store information in each visitor’s browser, so ensure their use is explained in your privacy policy and that a notification is immediately present on your website.

Revise your forms

There are many ways in which forms are used to improve interactions with new and existing customers on your website. From enquiry to lead capture, your forms no doubt play an essential role in connecting your business with your customers. Under GDPR, all forms must be updated with compliance in mind. Tick boxes should be used to help customers opt in and consent to data collection, along with a statement detailing what data will be collected and how it will be used by your company. Your forms should also give visitors options. For example, you may want to include multiple tick boxes to personalise communication preferences further.

The opt-in process should also be recorded in detail, specifying what the person opted in to, when they opted in and where this opt-in took place.

Need further advice on how you can get your business prepared for GDPR? Get in touch with our team for advice and support.