Making your website compliant with GDPR

Information for our clients

You may already be familiar with the GDPR and be preparing suitable changes to comply, or you may not be fully aware of its implications. Either way, the following information is designed to help you understand your responsibilities and compile the information you need to ensure your business and website comply.

The GDPR covers both paper and digital records, so it goes much further than you may think. We recommend that you visit the Information Commissioner’s Office (ICO) website, which contains detailed information on compliance.

Please see the ICO website for an overview of GDPR as well as detailed information:-

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

How GDPR affects us

As we provide your website design and management we are responsible for any data or data handling through the website as a third-party Data Processor. As such, we have a responsibility to operate in a way that complies with GDPR.

As the Data Controller, you have ultimate responsibility for the data and any processing carried out, so it is important that Data Controllers and Data Processors comply. To ensure clarity, we will set up new contracts between us as the Data Processor and you as the Data Controller to cover the scope of our work.

Making your website compliant

Reading the information and working through the checklists made available by the ICO will help you to provide the information needed to put any internal procedures in place and move towards your compliance with the GDPR.

Implementing this on your website will require an audit to determine any deficiencies. As the Data Processor, we will need to carry out the audit to ensure our compliance as the Data Processor and yours as the Data Controller. The audit will cover the following areas:-

  • Cookie usage
  • Data forms (collecting data, requests, opt-ins & opt-outs, ‘just in time’ notices)
  • Website Data storage
  • Privacy policy
  • SSL (security certificate to run your website under the HTTPS protocol)
  • Appropriate use of consent

After the audit we will provide a short report with a list of recommendations and/or requirements to meet GDPR compliance. This will assist in identifying any action to be taken. We can then present an estimate to carry out any work required and agree timescales.

The cost of the audit and report will be £120 + VAT.

Remember, we can help with your website, but the GDPR goes much further, so it may be advisable to seek specialist advice.