How to make your website GDPR compliant.

Websites are confusing enough.
They just got a little more confusing with this new GDPR international law, coming straight from the mighty EU.

We’re here to help you navigate through the complexity.

In this week’s blog we’re going to provide you with a step by step process on how to get GDPR compliant.

1- Cookie Banner
It is a banner that shows on the web page upon page load that displays a warning about website using cookies. User usually presses “Okay” or ” I accept” button and the banner goes away.
Time to execute: It depends on website and its existing structure.

2- Use of Cookies or Cookie Policy Page
It is a page that you link in cookie banner or lower footer or any part on your website. This page displays a list of all the cookies that the site is using and its purpose.
Time to execute: We can make one template and then just change links and names and use on other sites as well. It will take some time to gather content and stuff for that template. Its more of like writing work then development. There are some tools that generate this page for you too. But I will have to look into that.

3- Privacy Policy Page
Its a usual privacy policy page but you MUST mention how and where you are storing the user’s data. How and where you are using them. Who has access to it and what would you do if it gets leaked. It should also clearly mention how user, at any point in time, can request their data back.
Time to execute: This is legal writing job and this is very custom from site to site. For example, 1 site can have a form in it that asks user’s name and birthday and favorite color. They will tell that in their privacy policy. Other site might just have a type form and then they have to declare that data is being shared with Typeform or Mailchimp or Wufoo or whatever servers are being used. Some website might have a DB and some might not so its more of writing person.

4- A Page that mentions in detail what you are doing with stored data.
Its a special page that some people call data policy, some say your privacy, some say privacy center etc. Its a place where they announce that they are GDPR compliant and what does it mean. How they are using data and how user can contact them to get their data and how users can contact them to remove data.
Time to execute: This is legal writing job and this is very custom from site to site.

5- Adding a checkbox to subscription and contact forms
In all forms that we intend to save email or names from, we need to add a checkbox that says something like, I agree to provide my personal information to be used by ABC etc.
Time to execute: Depends on number of forms and types of forms. For wordpress and “contact 7” plugin forms, it will take around 30 minutes.

6- Having a double opt-in and way to unsubscribe on subscription
Its just a setting in mail-chimp or other tools

Leave a Reply

Your email address will not be published. Required fields are marked *