22 May Your website and what we are doing to help you become GDPR compliant
With the imminent arrival of the new GDPR, Europe’s new framework for data protection laws, many companies will be concerned about being compliant and what it means for their marketing. We wanted to provide some guidance and reassurance, ahead of this week’s deadline.
Although it may be daunting to clear out old and non-compliant data, companies should see this as a positive step forward and a fresh start for marketing. Think about it this way; customers who have given clear consent to keep in touch, are more likely to read and engage with marketing content – a clear win for your company!
The protection of data has always been important to Formedia and, with the GDPR regulations about to descend, it is important for us to be transparent and open about the data that we hold and process for our clients.
Below, we have documented the steps we have taken to become fully GDPR compliant and the safeguards you should be putting in place to ensure your company is compliant too.
What we have done to become GDPR compliant
The majority of our sites are hosted in the UK on secure, GDPR compliant servers. If your website is hosted in the US, we have ensured that the company has demonstrated that it will protect European users’ privacy and data.
Data processing and third-party data processing
Only limited data that is required will ever be collected – we will only ask for data if it is needed to provide a service. Users will be informed what it will be used for, and we will not share or sell any data (unless compelled to by law). We will also check and review that any third-parties we use are also fully GDPR compliant.
Users will have the right to request for all their data to be transferred, or the right to be forgotten and have their data fully removed at any time. All databases will have restrictive access, so only selected users at Formedia can access data.
Deleting old data
We have reviewed the information on our servers and computers to ensure that any old or unused data is erased. If we need to keep some information for tax or other legal purposes, we will keep only the data we need.
Our recommendations for your GDPR compliancy
Contact form consent
Explicit consent needs to be obtained before any data collection takes place. Consent cannot come from a tick box, it needs to be clearly explained and accepted. If any forms on your website have an automatically checked box, we can make this box ‘unchecked’. We can also look at adding explanations on how your data is collected and used, as well as adding a ‘terms and conditions’ check box.
Update your privacy policies
Gain the green padlock
An SSL certificate can be fitted to your site in order to ensure a secure connection between the web server and web browsers. Anything submitted through a contact form on your website will be encrypted, in order to stop any hijacking of data. You will see this as a padlock symbol in your address bar. SSL certificate installation cost: £98 plus £65 a year for the certificate.
DISCLAIMER: All data and information provided in this blog post are for informational purposes only. Formedia Marketing Ltd makes no representations as to the accuracy, completeness, currentness, suitability, or validity of any information contained herein. We recommend consulting with a lawyer for any legal advice pertaining to GDPR compliance.