GDPR Website Compliance


GDPR website compliance forms an important part of a business’s compliance implementation. The EU General Data Protection Regulation became effective on 25th May 2018. The regulation requires a website operator to meet “data protection by design and by default”. Our website compliance packages help your business become compliant. FileOM’s GDPR practitioners first determine your controller / processor relationships with your suppliers, then review and draft a bespoke privacy policy, website terms and cookie policy in line with the GDPR.

GDPR Website Compliance Packages

SMB Website Compliance
What’s Included:

  • Audit of your Website
  • Analyze 3rd Party Technologies
  • Review Supplier Agreements
  • Review Consent Process
  • Privacy & Cookies Policy
  • Identify changes for GDPR Compliance
  • Policies & Procedures for Compliance

Designed for:

  • Websites up to 25 Pages

Business Website Compliance
What’s Included:

  • Website analysis + business process mapping
  • Designed for larger businesses
  • eCommerce
  • Payment processing
  • International shipments

Designed for:

  • Websites larger than 25 Pages

  • Opt-in Management
  • Privacy Notice
  • 3rd Party Tracking
  • Online Payments
  • Website Cookies
  • Capture Forms

GDPR Website Compliance – What You Need to Do

If you collect EU residents’ personal data then you need to take steps to become compliant. This could be names, email addresses, newsletter subscriptions, credit card processing or using cookies to track visitors’ habits.

Under GDPR, just stating “click here to read our privacy policy” is insufficient. FileOM helps your business to clearly explain why you are collecting personal data, and how you intend to use it. Most of all, you now need to gain explicit consent, particularly if you intend to make data available to third-party providers (such as Google Analytics or telemarketing companies).


Consent needs to be an unambiguous indication through a statement or clear affirmative action, such as actively ticking a box. It must be specific, given freely, and dated.

  • Personal Data – consent is the most common lawful ground; this should only be used if none of the other GDPR grounds apply.
  • Privacy Policy – firstly, you need to know what data you’re collecting and why. Then, you need to share this information with data subjects via your privacy policy in plain English. Therefore, we recommend including how the data is collected and stored, and how data subjects may exercise their rights.
  • Cookies – organisations must account for all cookies that contain personal data, and decide whether there is a legitimate and specific reason for using them.

Visit our GDPR Compliance Packages page for help with business-wide compliance, or visit the ICO for more information on website compliance.

Need help with planning, implementing & maintaining your GDPR compliance programme?