GDPR compliant websites

GDPR for Town & Parish Council Websites

Frequently Asked Questions

We’re still getting lots of question from our town and parish council customers about how to make their websites GDPR compliant, so we’ve answered some of the most common questions below:

How does your website use and process personal information?

GDPR compliant privacy policy

GDPR and website security

GDPR and website cookies

GDPR and personal email accounts – Is it okay to use personal email for parish council business under GDPR?

Making your contact form GDPR compliant

How we can help

 

How does your website use and process personal information?

Your website collects personal data in a number of ways:

  • When you request information from users, such as if they fill in any form on your site to contact you or to subscribe to your newsletter
  • When users visit or log into your site cookies can be set on their computer
  • If you have any members areas/bulletin boards or the option for users to add comments

Back to top

GDPR compliant privacy policy

Your website should include the privacy policy for your town or parish council website, covering how you process information both on the website and in your general dealings. Your privacy policy should cover:

  • Do you collect data?
  • If so, why?
  • How do you use it?
  • Is it secure?
  • Do you share it with anyone?

All our websites include a built-in privacy policy page ready for you to add your policy to. This links into your site footer, so is visible from ever page on your website.

Back to top

GDPR and website security

You are responsible for the security of your user’s data if they fill out a form on your website, for example. Your website should have a SSL certificate installed so that the connection between the server and the user is encrypted, and information cannot be intercepted.

In addition all sites that do not have an SSL certificate installed are now being marked as ‘insecure’ by the major web browsers, so having an SSL certificate is now becoming essential for all websites.

All our websites include an SSL certificate set up and configured, as standard. You can read about the features we offer on our websites.

Back to top

GDPR and website cookies

If your website sets cookies (as nearly all websites do), you must inform the user that cookies are set and allow them to opt out. This is done using a cookie consent bar.

How can you tell if your website sets cookies?

Virtually all modern websites set cookies. If you log into your website to make updates, then a cookie is set to ‘remember’ that you have logged in. The exception is older style websites built using html, although some of these sites set cookies too.

All our websites come with a cookie consent bar as standard.

Back to top

GDPR and personal email accounts

If your parish clerk or your Councillors use personal email accounts you should consider setting up dedicated town or parish council ones. This means that if someone were to leave the council, that account could be deleted so that any personal information about individual parishioners it contains would be erased.

We can set up email accounts using your domain name. We offer both POP (where messages are stored on the user’s computer) and IMAP (where messages are stored on our server) accounts.
Back to top

Making your contact form GDPR compliant

GDPR states that you must inform the user that you are collecting data about them at the point of data collection. In practice this means that you contact form and any sign-up form should have a link to your privacy policy and a checkbox that users must click to confirm they accept.

Back to top


How can we help?

At Town and Parish Council Websites we are committed to providing fully GDPR compliant websites for local councils.

Please get in touch if you would like further information or fill out our quote form for us to provide you with a free, no-obligation quote.

Back to top