Amazing Creative blog image - A guide to GDPR for small businesses
A guide to GDPR for small businesses
How does GDPR affect your small business and the way you run your website. Here are our thoughts.
24 May 2018

What is GDPR? 

General Data Protection Regulation is a new set of rules from the European Commission governing the privacy and security of personal data.  It becomes law on 25th May 2018, and all companies must be compliant by that day. 

  

At its heart GDPR is about protecting users' data, providing transparency about why, how and where it's stored, and allowing users to update or erase any information about themselves.  We hope these guidelines for website owners are useful, but bear in mind that the scope of the regulations goes beyond that of just your website.

 

Who's responsibility?

Hosting companies, developers and website owners all shoulder some degree of responsibility for the secure collection, storage and processing of user data.  Amazing Creative will help where we can to make sure that your website complies with GDPR, but ultimately you, as the website owner, have responsibility to research, understand and comply with these new regulations.      

 

Is your website affected?

If your website collects and stores data about users in any way, then you should make sure you understand how to become compliant with this new law. If your website includes any of the following then these regulations will affect you.

 

  • Online forms
  • User registration
  • Newsletter signup
  • E-commerce
  • Visitor tracking (ie Google analytics)

 

GDPR at a glance

Request as little data as possible

The GDPR states that organisations shouldn’t process or retain extraneous personal data. That means data should be collected for a specific purpose, used only for that purpose and retained for only as long as it meets that purpose.  

 

You need consent

Before you can keep or process user data you must get consent from the user.  You must also have mechanisms in place to periodically confirm the consent of users who's data you are storing.  You can’t hide the terms and conditions for consent, and you can’t make them so vague or complicated that people won’t read or understand them. Giving consent must be easy and kept separate from other terms and conditions, and requests must be written clearly and concisely.

 

Make it easy to withdraw consent

Consent requests need to make it as easy (or easier) for individuals to withdraw their consent as it is for them to give it. This means individuals need to be told straight away that they can withdraw their consent at any time, and you must explain how to do it.

 

Right to access

The GDPR gives users the right to access any information that your organisation holds on them. To meet this requirement, organisations need a system in place that allows staff to access information quickly. This information should be made available to download where possible. 

 

Right to erasure

Under the right to erasure (also known as the right to be forgotten), users can request that you delete the data you hold on them.

 

Breach disclosure

In the event of a data breach, you must now inform all users within 72 hours.

 

 

Our recommendations

Make a list of all the data sets you currently capture on your website. (ie forms, email, registrations)

 

For each data set consider the following:-

 

  • Have your users given clear consent for the ongoing use and storage of their data? - If not, you need to either delete that data, or think about how you will obtain consent going forward. 
  • Do your online forms make it clear why users' data will be stored? 
  • Do your online forms require users to consent before submitting their data?
  • Does your privacy policy include full transparent details of the data you store; why you store it, where you store it, and how long it will be stored for? (our privacy policy might be a useful reference for this http://www.amazingcreative.co.uk/privacy)
  • Is it simple for a users to request to see any data you keep on them, request changes to that data, or removal of that data?
  • Do you need to keep the data?  You should create a policy for the deletion of data you no longer need to keep.

 

Finally, if your website collects user data of any kind, we would recommend adding an SSL certificate (providing an https connection in the browser).  This will mean all information sent and received by the site will be encrypted. 

 

Further reading... 

The ICO webside contains a comprehension guide for GDPR, and this document is a good starting point.

 

https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf

 

 

 

 

Amazing Creative blog image - A guide to promoting your new business
Here's our guide for new businesses, and how to get the very best promotional material. Brand, logo, website and printed products. Read more...
16 July 2018
Amazing Creative blog image - Our thoughts on the New F1 Logo
The original F1 logo was design in 1984. In 2017, they launched a brave new logo. Here are our thoughts. Read more...
19 June 2018
Amazing Creative blog image - BBC creates its own brand new typeface
David Bailey explains how the BBC went about researching and developing their new Reith typeface Read more...
18 April 2018
Amazing Creative blog image - Spotify go for a brand new typeface
Spotify have changed their typeface to Circular. It's fresh with loads of character. We like it! Read more...
18 April 2016
Amazing Creative blog image - Some ideas that will help you get found on the web
A few basic principles for improving your search ranking. Read more...
3 March 2016
Amazing Creative blog image - A possible cheaper alternative to Adobe software
Adobe provide powerful software, but at a price. Here's a possible alternative from Serif UK Read more...
22 February 2016
Amazing Creative blog image - The art of finding great photographs
What's the best way to search for stock images that look natural Read more...
13 January 2016
Amazing Creative blog image - A guide to promoting your new business
Here's our guide for new businesses, and how to get the very best promotional material. Brand, logo, website and printed products. Read more...
16 July 2018
Amazing Creative blog image - Our thoughts on the New F1 Logo
The original F1 logo was design in 1984. In 2017, they launched a brave new logo. Here are our thoughts. Read more...
19 June 2018
Amazing Creative blog image - BBC creates its own brand new typeface
David Bailey explains how the BBC went about researching and developing their new Reith typeface Read more...
18 April 2018
Amazing Creative blog image - Spotify go for a brand new typeface
Spotify have changed their typeface to Circular. It's fresh with loads of character. We like it! Read more...
18 April 2016
Amazing Creative blog image - Some ideas that will help you get found on the web
A few basic principles for improving your search ranking. Read more...
3 March 2016
Amazing Creative blog image - A possible cheaper alternative to Adobe software
Adobe provide powerful software, but at a price. Here's a possible alternative from Serif UK Read more...
22 February 2016
Amazing Creative blog image - The art of finding great photographs
What's the best way to search for stock images that look natural Read more...
13 January 2016
Awarded 5 Stars
When we first started our business we realised how important a good website was. We are so pleased we found Amazing Creative. From the first time that we met with Brad we knew we were in the hands of professionals. He listened to our business ideas, and carefully planned our website accordingly. Not only did he talk it through with us, and explain in detail how to manage the site, but he provided simple 'how to' video tutorials that are easy to follow. Many of our customers comment on how good our website is, and we believe this website has played a bit part in the success of our company.
Carol fry from Jurassic Safari
Here's our guide for new businesses, and how to get the very best promotional material. Brand, logo, website and printed products.Read more...
16 July
The original F1 logo was design in 1984. In 2017, they launched a brave new logo. Here are our thoughts. Read more...
19 June
David Bailey explains how the BBC went about researching and developing their new Reith typefaceRead more...
18 April
Spotify have changed their typeface to Circular. It's fresh with loads of character. We like it!Read more...
18 April
A few basic principles for improving your search ranking.Read more...
3 March
Adobe provide powerful software, but at a price. Here's a possible alternative from Serif UKRead more...
22 February