What you Need to Know About the GDPR

What is the GDPR?

The core of the GDPR revolves around being open and honest with your website visitors about what data you are collecting and what you are using that data for. The GDPR also encourages companies to collect only the information that they will use. For example, if you don't plan on using people's birthdays to market to them or to offer them birthday coupons, don't collect that information, because it is not something you need.

What Does This Mean for My Business?

If your website is accessible to any citizen of the EU, the GDPR applies to you. The GDPR was adopted on April 27, 2016, but it becomes enforceable starting on May 25, 2018.

To ensure that you are ready, here are some steps you can take:

1. Complete an audit of what information you are collecting on your website and what tools you are using to collect that information. Some examples of tracking tools on your website might include:

2. Make sure your privacy policy and terms of use statements are both up to date.
Include details about the type of data you are collecting, what it will be used for, who it will be shared with, and how long you intend to keep the data.

3. Make sure you have contracts with any third party that has access to the data you are collecting to ensure they understand their responsibilities related to that data.

4. Let your website visitors know what you are tracking immediately when they land on your site.
Make sure you are also giving them the option to opt in, change the settings of what is being tracked, or opt out. It is important to note that silence, pre-ticked boxes or inactivity does not constitute consent.

IKEA's GDPR banner at the top of their website with links to their Privacy Policy and Cookie information

An example of what IKEA has added to their website to inform visitors that cookies are being tracked.

5. Review forms on your website to make sure that boxes to opt in to newsletters or indicate contact preferences are not automatically checked.

Screenshot of IKEA's "Request An IKEA Catalog" web page

An example of IKEA's "Request a Catalog" form, which allows you to opt in to inspirational emails and updates along with mobile text messages but does not have any boxes pre-ticked.

What if I Choose Not to Comply With the GDPR?

If you choose to ignore the GDPR and are collecting EU citizens' data, fines could be as high as 20 million euros (about $24,752,800.00) or 4% of your global annual revenue, whichever is higher. Long term, you could also lose the trust of your website visitors as data collection notifications across competitor websites become more common and expected.

My Website is GDPR Compliant, Now What?

Let your customers know! Data protection is a huge concern for today's customer. You've put a lot of work into protecting your customers' data and becoming GDPR compliant, so use it as a differentiator from your competition.

To learn more about the GDPR and how it might affect your website, reach out to the team at iBec Creative or conduct some research of your own. Below are some helpful links to get you started: