What is the GDPR? - What it means & is your website compliant!
The General Data Protection Regulation (GDPR) is a new EU regulation aimed at helping to strengthen data protection for EU citizens and residents both within the EU and the wider world. Essentially it says to businesses and organisations “If you want to offer your services or products to customers who are EU citizens, you need to make sure you look after their personal data.
The maximum sanction for non-compliance with the GDPR is 20,000,000 Euros or up to 4% of your annual worldwide turnover (based on figures from the the preceding financial year), whichever is the greater. Yup, you read that right
For a registered business, the website needs to display the following Company Information the Business Name, place of registration, registered number, its registered office address and if it is being wound up.
Here are some of the basic requirements to make your website GDPR Ready.
2) Add a Cookie Alert to your Website
3) Add your company Terms & Conditions
This is particularly important if you are taking online payments.
For any E-Commerce Websites all the above applies but you will also require:
Terms & Conditions, Delivery and Returns Policy pages to display information as part of the Consumer Protection (Distance Selling) Regulations and Electronic Commerce Regulations (EC Directive)
If you collect and process credit and debit card information, you must conform to the PCI DSS.
To conform to EU Anti Spam Laws, ensure your email database is of opt-in email addresses, and include an opt-out instruction on all marketing emails sent.
For any additional information, please visit the ICO Website.