In May 2018, the General Data Protection Regulation (GDPR) will come into force, replacing the current Data Protection Act of 1998. GDPR aims to give individuals more control over how companies use their data, and will introduce fines for those who break the rules.
GDPR is a massive step towards transparency, showing users exactly what happens to their data and who has access to it. Compliance, however, can be a big job. We’re updating all of our websites to include privacy notices to ensure we’re still compliant with EU regulation.
When does GDPR Come Into Force?
GDPR will be in force from May 25th 2018 across all EU member states. Although the UK is set to leave the EU, it has been confirmed that UK law based on GDPR will be drafted for Brexit. There’s no getting out of GDPR compliance.
What is GDPR?
How do I Get GDPR Compliant?
- Take a look at the official ICO self-assessment document, which will guide you through the specifics of compliance
- Make sure you display a privacy notice
- Ensure users specifically agree to you using their data, and state why and how you are using their data
What is a Privacy Notice?
A privacy notice in essence outlines the following for users:
- Who the organisation collecting user data is
- What is going to happen to the user data
- Who will have access to the data
What about Google Analytics?
Google Analytics would be classed as a data processor under GDPR. This means that you’re sending user data to Google for processing (for showing hits, bounce rate, time on page…). If you’re using Google Analytics, you should declare this in your privacy notice along with the information you collect.
If you are able to identify individual users in analytics you should ask users for permission before you collect any data. This means that you shouldn’t load any analytics scripts before the user gives their consent.
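One way to hold analytics back until the user agrees, shown as an added example that is not part of the original article. The storage key, script URL and banner element ids are assumptions, and the consent logic takes its storage and script injector as parameters so it can be checked outside a browser.

```javascript
// Added example: consent-gated analytics loading. All names are hypothetical.
const CONSENT_KEY = 'analytics_consent';                      // assumed storage key
const ANALYTICS_SRC = 'https://analytics.example/script.js';  // placeholder URL
// storage: object with getItem/setItem (e.g. localStorage).
// injectScript: function that adds a <script> for the given URL to the page.
function createConsentGate(storage, injectScript) {
  let loaded = false;
  // Only an explicit, well-formed "granted" record counts as consent.
  function hasConsent() {
    try {
      const rec = JSON.parse(storage.getItem(CONSENT_KEY));
      return rec !== null && typeof rec === 'object' && rec.granted === true;
    } catch (e) {
      return false; // corrupted record: treat as no consent
    }
  }

  // Injects the analytics script at most once, and only with consent.
  function loadIfAllowed() {
    if (loaded || !hasConsent()) return false;
    injectScript(ANALYTICS_SRC);
    loaded = true;
    return true;
  }

  // Stores the user's decision with a timestamp.
  function record(granted) {
    storage.setItem(CONSENT_KEY,
      JSON.stringify({ granted, at: new Date().toISOString() }));
  }
  return {
    hasConsent,
    init: loadIfAllowed,                              // call on every page load
    grant() { record(true); return loadIfAllowed(); },
    deny() { record(false); return false; },          // does not unload a running script
  };
}

// Browser wiring; the element ids are assumed to belong to your consent banner.
if (typeof document !== 'undefined') {
  const gate = createConsentGate(window.localStorage, (src) => {
    const s = document.createElement('script');
    s.async = true;
    s.src = src;
    document.head.appendChild(s);
  });
  gate.init();
  document.getElementById('consent-accept')?.addEventListener('click', () => gate.grant());
  document.getElementById('consent-decline')?.addEventListener('click', () => gate.deny());
}
```

A withdrawal recorded with `deny()` takes effect from the next page load, because a script that is already running cannot be removed from the current page.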
GDPR overall is good – users are able to see what happens when they click ‘submit’ on forms or when posting to a website, and there are much clearer rules for organisations showing what they can and can’t do with user data.
Need Compliance Help? We’re here to help. Contact us to see how we can ensure your business is compliant with the new regulations.