Making your Website GDPR Compliant

Don't get on the wrong side of the fence

There is a lot of discussion about the GDPR at the moment.

…Thanks to the EU.

The General Data Protection Regulation (GDPR) is a regulation (binding legislation, not just a directive) by which the EU intends to strengthen and unify data protection for all individuals from the European Union (EU).

It also addresses the export of personal data outside the EU.

It aims primarily to give control back to EU citizens and residents over their personal data and to simplify the regulatory environment for international business (any company that is gathering, processing or storing the personal data of EU citizens).

It applies to all companies (globally) that are processing and holding the personal data of those residing in the European Union, regardless of the company’s location.

Although the GDPR was introduced two years ago, it becomes enforceable starting May 25, 2018.

What type of data is considered to be “personal data”?

Any information related to a natural person or “Data Subject,” that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

In general, consent needs to be explicit, opt-in and freely given. This means the popular opt-out based consent of today will no longer be acceptable. And the reason I removed the one you had.

Does your company need to appoint a Data Protection Officer (DPO)?

DPOs must be appointed in the case of (a) public authorities, (b) organizations that engage in large-scale systematic monitoring, or (c) organizations that engage in large-scale processing of sensitive personal data. If Euro-Divers doesn’t fall into one of these categories, then there is no need to appoint a DPO.

In order to have the website compliant with the GDPR (https://www.itgovernance.eu/blog/en/10-steps-to-gdpr-compliance-how-prepared-are-you), you MUST show visitors to the site what cookies are used AND give them a chance to opt out. They also need to have the chance to change their mind and come back to the site if needed.

If you do not have this, there are severe penalties: starting from about 4% of yearly business income, up to 20M Euros in fines.

With this in mind, I implemented the proper way to ask for consent and list the cookies used by my website.

First, clear your cookies. In the Google Chrome browser: while visiting the site, click on the green padlock icon in the URL bar at the top left of your browser. A tab comes down with “Cookies” displayed on it. Click on Cookies and select, one by one, web-of-friends.com and www.web-of-friends.com to remove them. Then reload the page.

At the bottom of the page you should see the new information about the use of cookies, with a list of what cookies are used and the possibility to accept them or use only necessary cookies.

Secondly, our privacy page has had a makeover. You can see it here: Web Of Friends Privacy Policy, where the full list of cookies is displayed clearly and visitors can also reset their consent.

The code I use on the site is free for one month. The provider of the code is Cookiebot (https://www.cookiebot.com/en/) and they will scan the website once a month to look for any changes, as the cookie list has to be updated regularly. Hence the monthly fee for websites with a lot of pages.

They propose their 4 plans:

Free: maximum 1 domain. Number of subpages: less than 100.

€9 per domain and per month. Number of subpages: less than 500.

€21 per domain and per month. Number of subpages: less than 5000.

€37 per domain and per month. Number of subpages: more than 5000.

If you manage a WordPress website, they also have a plugin to help you install it with easy instructions. You can find the plugin at WordPress.

Here are the steps I followed:

  1. You need to declare your cookies so that visitors can accept them or not. Use this: https://www.cookiebot.com/en/ You can ask for a non-binding offer from them as they crawl your site.
  2. Then you need to set up a privacy policy page. Read this: http://www.wpbeginner.com/…/how-to-add-a-privacy…/
  3. At the same time, WordPress includes tools to help you set up your privacy policy. You can find them in your admin page on the left: Settings / Privacy
  4. When you have access to Cookiebot, look for “your scripts”. The first one is to be included on all the pages on your website. In WordPress it means that you add it before the </head> tag in header.php.
  5. The second script, you add to your privacy policy page. All the cookies you use will show up once Cookiebot has scanned your site.
  6. Add a link in your navigation to your new privacy policy page on your site.
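
To check step 4 across a site, here is an added example (not part of the original post and not Cookiebot's own code) that audits rendered pages for the consent script: present, inside <head>, and not preceded by other external scripts. The id "Cookiebot", the consent.cookiebot.com source and the sample pages are assumptions; match them against the snippet shown in your own account.

```python
from html.parser import HTMLParser

def is_consent_script(attrs):
    # Assumption: the banner script carries id="Cookiebot" or loads from
    # consent.cookiebot.com; compare with the snippet from your account.
    return attrs.get("id") == "Cookiebot" or "consent.cookiebot.com" in (attrs.get("src") or "")

class ScriptAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_head = False
        self.consent_at = None   # "head" or "body" once the consent script is seen
        self.earlier = []        # external scripts that appear before it

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "head":
            self.in_head = True
        elif tag == "script" and self.consent_at is None:
            if is_consent_script(attrs):
                self.consent_at = "head" if self.in_head else "body"
            elif attrs.get("src"):
                self.earlier.append(attrs["src"])

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def audit_page(html):
    """Return a list of findings for one rendered page (empty list = OK)."""
    p = ScriptAudit()
    p.feed(html)
    if p.consent_at is None:
        return ["consent script missing"]
    findings = [] if p.consent_at == "head" else ["consent script outside <head>"]
    # A script that loads first can set cookies before the visitor has chosen.
    return findings + ["loads before consent script: " + s for s in p.earlier]

def audit_site(pages):
    """Map each failing path to its findings; pages that pass are left out."""
    results = {path: audit_page(html) for path, html in pages.items()}
    return {path: f for path, f in results.items() if f}

# Constructed sample pages; the URLs are placeholders, not real site content.
BANNER = '<script id="Cookiebot" src="https://consent.cookiebot.com/uc.js"></script>'
PAGES = {
    "/": "<html><head>" + BANNER + "</head><body></body></html>",
    "/blog/": "<html><head><script src='https://stats.example/t.js'></script>"
              + BANNER + "</head><body></body></html>",
    "/landing/": "<html><head><title>x</title></head><body></body></html>",
}
```

Running audit_site(PAGES) reports "/blog/" (a script loads ahead of the consent script) and "/landing/" (a template that never got the script), which is the kind of gap a page template outside header.php produces.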

All done. Keep looking at and improving your policy page.

The EU will not come to your door and give you a huge fine if you are still not ready. Most likely you will receive a notice at first. So keep calm and work on your page.

May 10th, 2018 | News, Uncategorized, WordPress maintenance

About the Author:

I started working with websites in 2004. After the Thailand tsunami affected the business I was in, I needed a way to inform and bring people back to it. In 2010 I decided that I should follow what became my passion and never looked back.