GDPR

The GDPR (General Data Protection Regulation) legislation comes into play in May this year and will have an impact on just about any company that handles data belonging to any EU citizen.

This is a comprehensive update to the increasingly out of date Data Protection Act. This will affect almost anyone who runs a business and stores client or customer details or who owns a website that collects peoples details or monitors their activities through analytic software like Google Analytics.

As often happens with all new laws there are grey areas and misinterpretations and with huge fines being threatened it’s understandable that some people are worried, even panicked.

The need for the changes have arisen largely through big corporations and powerful websites such as Facebook buying and selling data and basically not being very responsible with people’s personal details, so smaller businesses have less data and less to do to be compliant, but this is a good time for everyone to review their data collection and storage methods and find ways to make them more secure if possible.

So what do you need to do?

For any website that collects personal data either through a newsletter subscription, or website account then the privacy policy needs to be updated to make it clear why that data is being collected, how it is being stored and what it will be getting used for. Putting together a privacy policy will be your responsibility.

In order to be complaint, we also need to make visitors aware of cookies. What they are, what data they are collecting and how that data is used. We also need to give the visitor the option of turning cookies they do wish to use. This is our responsibility and over the next few weeks all of the website managed by NDD will be getting their cookie policy updated and a user preference panel added.