GDPR – is your website compliant?

You’ve probably seen and heard lots about the new GDPR legislation which came in a few weeks ago, but might not know exactly what it means you have to do to ensure your website is compliant after 25th May.

1) You need an up-to-date Privacy Policy.

You need to publish your privacy policy. This document must contain information about how your council processes any personally identifiable information, how long it is retained for and why you need to process it.

All our websites come with a page ready for you to add your policy to, linked into the site footer so users can easily find it.

Read more about privacy policies here.

2) Cookies

You might think your site doesn’t set cookies. However, cookies are an essential part of the functioning of all modern websites. For example, any site that you log into to make changes sets cookies to enable you to do this. So virtually all websites set cookies, including yours.

GDPR places new restrictions on cookies, as detailed here: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/

To clarify this, you are obliged to:

  • tell people the cookies are there
  • explain what the cookies are doing and why; and
  • get the person’s consent to store a cookie on their device
    • consent must be freely given, specific and informed
    • users should be able to disable cookies, and you should make this easy to do

There is an exception if the cookie is ‘strictly necessary’

Read more about making your website GDPR cookie-compliant here.

 

I realise this is a lot to take on. GDPR has resulted in a massive bureaucratic burden. We are here to take control of GDPR compliance for you and reduce any worries you may have.

Read about our GDPR-compliant packages here