24 Years of Awesome
Rare Form Moose

May 2018 Web Design

How To Update Your Website For GDPR

European General Data Protection Regulation (GDPR) will come into force on 25 May 2018.  GDPR is EU-wide data protection legislation. The UK will follow GDPR despite being in the process of leaving the EU. This is something that every business needs to implement right now as the penalties are severe. When it comes to websites, here is what you need to know.

The reasons.

The aim is to prevent companies from misusing data. i.e. using data for purposes other than it was collected for. An example:  when you buy something from a company they cannot email you offers every week after that. It should cut down on icky Spam and unwanted emails.

And it’s really all about consent. If you are going to keep and use someone’s personal information, you need their consent first and tell them how you are going to use it.

What will change?

Any personal data collected must be done so with consent for a specific purpose and used only for that purpose.

You must clearly state in any data collection form why you need the data and offer opt-in (tick box with text that says ‘yes I can store X information for X purpose’) for any method of contact.

This means if you have a contact form on your website, and you store the email/phone number, etc. information in any way for future use, you need consent for each bit saying how you will use it and an opt-in tick box for permission.  There must be separate opt-ins for contact to call, text, and email. That means no auto-selected checkboxes hidden away that could be easily missed and no bulk contact me/don’t contact me options.

Sidenote:  Some companies have been clever about their ‘opt in’ messaging in the past. You will see multiple tick boxes in a row with lots of small print that if you don’t read, may say something like ‘if you do not wish to get receive emails from us tick this box’, thus opting you in without you ticking a thing. With GDPR you will NOT be able to get away with this anymore, it must be ‘tick to receive’ and very straightforward.  

Be transparent.

You also need to operate transparently and with the ability to remove consent. Anyone can request to see which personal data of theirs is being held and request for that data to be deleted.

Penalties for non-compliance.

Penalties are steep. If you fail to comply you can be fined 20m euros or 4% of your global turnover, whichever is higher (note: turnover not profit!) – and this is per violation.

The Bottomline:

GDPR is not something to ignore and think that it won’t impact you. As far as your website is concerned, the changes are relatively straightforward and simple. It’s better to be safe than (cough) 20 million euros (cough) sorry.  If you need your web design in Oxford to be compliant with GDPR, then get in contact, we can help.

Posted by: Jean Paldan

May 07, 2018

value for money every step of the way

Tripp Hearing

The whole team at Rare Form were exceptionally responsive to any queries I made, or requests I had. Once we had gone live with a beautiful, fresh, modern website that much better reflected our business, I still wanted to add to and make a couple of adjustments (I am aware I am not an easy customer), and they were quick to oblige. Overall the whole process in dealing with Rare Form was seamless and I have received a fantastic website that I am proud to show off... I believe I have received value for money every step of the way and have no hesitation in recommending their services to others.