Craig Greenup 08/10/19, 16:21
Unless you’ve been living under a rock for the past few years, you will have heard about GDPR and how these changes to the law could potentially affect your business. You may be wondering how your business in particular can stay on the right side of the law, especially if you make use of mailing lists and collect personal information from your customers and website users.
To understand the risks associated with GDPR it’s important to know a bit more about what the law is and what it’s designed to do. Essentially, it was brought in to protect users from having their data misused, and it places a high emphasis on the importance of consent and proper data management.
The new GDPR legislation is designed to be an updated and more robust version of the Data Protection Act of 1998, one that grants more protection to consumers. The aim is to ensure that businesses have effective and compliant ways of collecting and storing users’ information, and to prevent other companies from getting their hands on individuals’ data without their express consent.
The main differences between the original Data Protection Act and GDPR are as follows:
These points represent big changes in the way businesses handle their customers’ and site users’ data, and you do need to be aware of them and how they will affect your operations. To assess your site for GDPR compliance you can use the following list as a starting point:
It’s a good idea to carry out an audit of all the data you currently store to make sure it is compliant, as previous ‘soft’ opt-ins may no longer be permitted under the new guidelines. You should also bear in mind that data which has been on file for a while may be infringing on users’ rights to be ‘forgotten’ after a certain time frame, so look into this too.
This is especially important if your business utilises email marketing to engage with customers and users, so make sure all of your databases are compliant and in line with the new law. If you are new to email marketing, then it’s good practice to make sure your venture is compliant before you start collecting information.
A further note we’d like to add is that cookies are also covered under GDPR changes. If you want to make use of cookies on your site then you must also get consent from your users. You are obliged to let users know that the cookies are there, what they are for and why, and you must seek the user’s consent to use the cookies with their device.
Of course, we’re web design specialists, not legal practitioners, so this information is only intended to be a starting point for your business. We’d always recommend getting assistance from a professional who specialises in GDPR and data protection if you’re unsure of anything.
When it comes to building a newsletter opt-in form and making sure your privacy notice is up and running correctly, it’s highly recommended that you consult with a specialist. Luckily, this is something we carry out regularly and are more than happy to help with.