Is Your Website GDPR Compliant?
The new General Data Protection Regulation Legislation comes into effect on May 25. The impact it will have on Digital Marketing is huge, and all businesses with an online presence need to get up to speed on how their practices will have to change.
GDPR means that the concept of consent being freely given is changing, and this means that businesses need to provide much greater transparency when it comes to data management. It’s likely to affect website design, and how your e-commerce site integrates with other digital activity such as CRM systems, email marketing and accounts.
Under the new legislation, any personal data collected by your business can only be done so with the implicit consent of the individual. This means that your customers need to tick a box which signifies that they agree for their data to be collected, or that they agree to opt-in for marketing purposes. Here are just some of the ways you can ensure that your company website is GDPR compliant by May:
1) Naming your parties
Any web forms filled in by your customers must identify each party for which consent is being granted. For example, a parent company which has two separate websites – one selling shoes, the other selling clothes – are obliged to inform the customer that they will be receiving marketing content from each of these sources.
2) Privacy terms and conditions
The T&C’s on your site will likely have to be updated to reference new GDPR terminology. This will require your business to outline with the utmost transparency what you intend to do with the information once you receive it, how long you intend on retaining it and the systems it will be held within.
3) Granular opt-in
Your website should provide separate consent options for different types of processing. For example, if you intend on marketing via email, text message and direct mail, you should offer a tick-box for each of these media types. Some customers may only wish to be contacted by email, which means you need to provide them with the opportunity to tell you.
While these issues are reasonably straightforward, things can get slightly tricky when you’re dealing with analytics and third-party tracking software. To ensure compliance, it is important to put a contract in place with the provider of your marketing automation software which protects your company from a legal standpoint.
For more information on how to ensure compliance, the Information Commissioner’s Office website is a great place to start and contains everything businesses need to know about GDPR.