As 25th May draws closer, businesses should be finalising their preparations for the introduction of the General Data Protection Regulations (GDPR) that will supersede current data protection legislation. Whilst GDPR will impact many different areas of a business, one of the most significant aspects a company must audit and amend is their website.
Websites are largely used as a marketing tool for lead generation, this inevitably means that they actively encourage the collection and storage of an individual’s data. This means that websites are at significant risk of cyber-attacks or a data breach. Particularly for e-commerce sites, ensuring that a website is fully compliant with regulations is vital in protecting your customer’s data as well as avoiding hefty fines should you be found to be non-compliant.
Ensuring your website is ready for GDPR
SSL certificate
Ensuring your site has an SSL certificate will allow for a secure connection between a web server and a browser, thereby providing a layer of protection to the data that is inputted and stored on your site. In addition to this, due to a search engines’ commitment to ranking sites with a great user experience, an SSL certificate is likely to help your site rank higher.
Privacy policy
Your site’s Privacy Policy should let users of your site know what their data will be used for, should they submit it. This Policy should be clear and simple so that users fully understand the implications of consenting for your business to have and use their data.
Secure website
It is essential that all aspects of your site are secure to avoid cyber attacks. This can be achieved by installing appropriate security plugins that will not only improve your site’s security but inform you of any suspicious activity.
Update software
Your website’s software should always operate on the most up-to-date version. Developers invest a great deal of time and money into making their applications as secure as possible and therefore updates are regularly made to improve upon this.
Consent
How you gain consent from individuals to use their data will drastically change with the introduction of GDPR. ‘Assumed consent’ will no longer be acceptable, for example, if somebody is submitting an enquiry to you from your site, this does not give you the consent to add their data to your email marketing list.
Are you looking to update your website in line with GDPR? Speak to Entyce today to find out how we can help.