until GDPR comes into force
Ensure your WordPress website is GDPR Complient.
What is GDPR and why?
The last directive issued by the EU in regards to collecting personal data was issued in 1995. Since then, the way personal data is collected and stored has changed dramatically. Since 1995 the internet and technology as a whole has developed significantly and its now common practice for nearly all websites to digitally collect and store a wide range of personal data from names, contact details, and IP addresses to credit card and sensitive payment information.
While the developments in technology and specifically the internet has made many things much more convenient, there is a huge downside in regards to personal data security risks, which has already resulted in serious breaches of data and privacy on various occasions.
Because of the clear need to protect personal data, the EU’s General Data Protection Regulation (or “GDPR” for short) will be introduced across the EU in May 2018 — and there rules will also apply to businesses in the UK.
The aim of GDPR is to address how personal data is collected, processed and stored, to give individuals control over their personal data held with companies they are or have dealt with, and to impose stricter rules on businesses and organisations handling personal data.
For further information on GDPR and compliance please cehck the Information Commissioner’s Office website (https://ico.org.uk/) and the EU’s GDPR website (http://www.eugdpr.org/).
How can RMW Consultants help me?
Whilst GDPR covers many areas of data collection, we specifically focus on the changes required to your website(s), hosting and the internal data protection and privacy documentation connected to your website to ensure your website is fully GDPR compliant.
It’s important to point out that businesses and organisations should not overlook the need to ensure their procedures surrounding the handling of personal data company-wide are also compliant! We can refer you to our partner who offers company-wide GDPR compliance and related insurance services if this is required.
Will my website be affected by GDPR?
Yes, more than likely as the vast majority of websites collect, process and manage user data or track visitors actions on your website, either by using third-party solutions such as Google Analytics, Salesforce, Freshbooks, Mailchimp or by directly collecting personal data via contact forms, email submissions to newsletters, user registration forms, club memberships, forums, client areas and more.
Because of this, it is vital to assess the possibility of GDPR violations both through your own activities and through any third-party providers you use to process your website data (including your hosting provider, where your website data is stored)
A large majority of websites built prior to 2017 / 2018 will not be GDPR compliant as there are several steps that must be taken to achieve full compliance, that may not have been considered when the website was built.
Extensive fines will be enforced to businesses and organistations that violate or ignore the need to make sure your website and company wide operations are fully GDPR compliant.
How do I know if I need GDPR Compliance?
Does your website contain or offer any of the following?
- Customer contact forms to enquire about products or services
- Customers can buy products or services on your website
- Users can comment on blog posts or post to forums
- Your website monitors website visitors/traffic (google analytics etc)
- Users can sign up to a newsletter or subscription
- Customers can register and create a user profile of any kind
- You have any logging tools running (hotfrog etc)
If so, your website is processing personal data and you must comply with the General Data Protection Regulations, irrespective of your business sector.
You should consider the following questions:
What is the reason you have the data?
What is the data being used for?
How are you storing the data?
Is there a need to retain the data?
What happens if I don’t bother to comply?
This is something you really don’t want to even consider. Failure to comply with GDPR will result in potentially huge fines.
Currently, the maximum fine for breach of the UK’s Data Protection Act is £500,000! But the maximum fine for breaching GDPR will rise to €20 million or 4% of your annual global turnover in the preceding financial year, whichever is greater.
Even fines for breaches deemed less serious will be as high as €10 million or 2% of annual global turnover!
Can you help make me GDPR-compliant?
Yes. To get your website and digital data storage compliant, we do the following:
- Conduct a full audit of your website and internal data protection and privacy documentation connected to your website to identify what needs to be changed.
- Implement the changes identified by the audit
- Design and build you a beautiful, fully GDPR-compliant and mobile/tablet friendly website if required (optional service priced separately)
- Provide GDPR-compliant data encryption services to ensure your business files, data, website and emails are protected and secure at all times (optional service priced separately)
- Provide secure 256 bit SSL certificates for your website and domain.
We are a highly experienced team of in-house web developers who are commercially aware and fully versed in all the GDPR responsibilities and compliance requirements business owners must implement on their websites and in all connected internal documentation.
All our GDPR compliance work is carried out in-house by our experienced web developers in Sussex, before being checked and by our highly-qualified, specialist law firm to ensure all implemented changes are fully compliant and in line with GDPR.
How much will it cost?
We’ve created this service to be as affordable as possible at all levels, and we offer this service based on the type and size of website you have and your requirements for either supplying you with new, or updating your existing, data protection and privacy documentation in relation to your website to be GDPR compliant. Prices for our GDPR compliance service start from £199.
We provide a proposal on a case by case basis after we’ve had an initial chat with you about your requirements so we can better understand your specific requirements. We will also need to log into your website admin area to complete our audit before providing our confirmed proposal. To get started please contact us.