GDPR: impacts on your website and application

GDPR compliance

The General Data Protection Regulation (GDPR), a major step in the digital world, will apply from the 25th of May 2018. We, as a digital agency, must be prepared to support our clients and make sure all of their data and projects are processed in accordance with the Regulation: business applications, websites, e-commerce platforms, newsletters and web marketing. To find out more about how to get ready for GDPR, here are the 4 key points to follow:

GDPR compliant privacy policy

Websites used to have a single page of terms of use. From now on, this single page is no longer sufficient. Every company must publish a Privacy Policy page, which covers the processing of the information it gathers when customers access or use its website. Your Privacy Policy must answer these questions:

  • What information do you collect?
  • How do you use this information?
  • How do you share and disclose information to third parties?
  • Is personal information about website users secure?


Consent or explicit approval in webforms

One of the key GDPR changes concerns the consent of the web user. In every kind of webform, you must:

  • Specify the purpose of the data processing
  • Display visible and accessible links to Terms of Use and Privacy Policy
  • Specify the rights of the website’s user to access and request a copy of the personal information you hold about him/her, to have his/her personal data rectified or erased in some cases, and to withdraw his/her consent at any time.


Personal information security

You hold a bunch of personal information from your website or your web application. Personal data must be kept secure to be GDPR compliant. We recommend that you follow some security processes such as:

  • Using encrypted passwords
  • Defining different levels of access
  • Setting up a firewall
  • Updating and saving frequently
  • Etc.


A GDPR-friendly Cookies Policy

Under the Regulation, the Cookies Policy must be enforced, because a website’s user must be able to personalize cookies: your company has to update its cookies tool. Users will be able to accept or deactivate all types of cookies using the tool available on your website.

Here is an example of a GDPR-friendly Cookies tool (used by the CNIL on its website):

GDPR Cookie policy

Source: www.cnil.fr/en/home

Starting on the 25th of May 2018, the date the GDPR applies, you will be responsible for the data you collect and hold, and you will be held accountable in case of infringement. Askin helps you turn your digital tools into GDPR-compliant ones. Our GDPR consultants are available to support you through these digital changes, audit your processes and get you GDPR ready.