Are you prepared for GDPR ?

Transparency and communication with your site visitors are key elements of the GDPR. As part of the new regulation, you must let your site visitors know how you collect, store, and use their data, in a clear and transparent way. In addition, you must comply with your site visitors’ requests to receive a copy of their data that is processed on your site.

1. CREATE A PRIVACY POLICY

Important to create a privacy policy for your web site. This is simply a document that discloses some or all of the ways you will use information gathered about visitors to your web site. Your privacy policy should outline in plain language how you store and manage information gathered. A solid privacy policy with full disclosure will install confidence in your readers and protect you from a variety of liability issues.

2. GET CONSENT FOR YOUR MARKETING CAMPAIGNS

The easiest ways to get it are consent request e-shot meaning direct mail to your database. Then Online consent form where your web developers add a consent form to your website an drive your visitors there. Finally the website consent button which must be eye-catching.

3. MAKE SURE YOUR THIRD PARTY APPS ARE GDPR COMPLIANT TOO

To ensure that data processors can accurately create a complete history of change while guaranteeing confidentiality, the following measures must be implemented in mobile app design, installs and usage: – Determine whether the app really needs all of the data – Inform the user and obtain consent – Respond to user requests – Encrypt user data – Ensure users are updated about security incidents – Know your technology and potential weak links

4. CREATE A TOOL TO ACCESS AND DELETE YOUR SITE VISITORS’ DATA

A side effect of GDPR is that people are going to start abusing their new rights. We are aware of at least one big, respected law agency who is telling many of their clients that they’ll probably see no more than 5-6 of these requests per month. This is naive and dangerous. Internet brigading is a real threat. It’s not too difficult to find 100 people who are willing spend 5 minutes to create an account and then request data from you. If there are groups of people who are annoyed with your company for some reason, this number can grow significantly. Be prepared and automate everything.

In the case of the GDPR Framework, if you have the”download” and “delete” buttons on your website, you should expect that people will use them. Be careful if you configure the plugin to only notify you. Consider how long it takes to handle a request manually and then consider what happens if you get 10 of these in a day. Or what if you get100? However, if you have a small website, this is probably not something you need to worry about.