GDPR: Does your website meet all legal requirements? Use our Checklist and confirm!

As you know, the General Data Protection Regulation (GDPR) requires websites to respect and ensure the privacy of their users. At the same time, they must provide greater transparency about the data that is collected and the purpose for which it is collected, and give users the choice of whether or not to accept this collection and/or processing of data.

But did you know that if you are not complying with GDPR standards, large fines may be imposed on you and, in the most serious cases, your company may even be barred from processing personal data?

So that you don’t find yourself out of compliance, we created this checklist that you can consult whenever you have any questions. Check it here…

Go through our Checklist so that your website is GDPR compliant!

All businesses are different, and it is up to you to create the necessary guidelines adapted to your business. We suggest that if you have any doubts, you contact a lawyer, who will be able to provide you with further information. In the meantime, here are the main points to take into account.

1) Update your Privacy Policy

Your website’s Privacy Policy must be clear! You must indicate to your users the ways in which you intend to collect and use their data. Also, you must clarify how this data is stored, protected, who has access to the data and for what purposes.

This information must be easy to find on your website (it is usually found in the website footer, but it is not mandatory). You can check our Privacy Policy here to get an idea 🙂

2) Obtain consent to use

It is not enough to have a Privacy Policy to comply with the GDPR. You REALLY have to have consent from your users! The mere fact that they access your website does not translate into acceptance of data collection. Let’s see how you can collect data in different situations:

  • Cookies – In order to track your users’ behavior on the website, they must consent to the necessary cookies. In these situations, you must display a pop-up to alert the user, which they accept if they agree to the use of cookies. You must also provide a direct link to the relevant documentation about that data collection. But pay attention! Even if the user does not allow cookies, and even if your website requires cookies to function correctly, you cannot restrict access to the website. It is up to the user to block cookies in their browser.

If you still have questions about what cookies are or are looking for a more detailed explanation about their relationship with the GDPR, you can view our relevant content here.

  • Forms – All forms, as well as other ways of collecting data, must be expressly accepted. For example, you must have a checkbox for acceptance of your policies. Again, you must include a link to your Privacy Policy. We advise you, however, to only collect the data that is strictly necessary, and not to keep it for longer than you really need.
  • Newsletters – Although it is not mandatory under GDPR rules, a good practice for Newsletters is for acceptance to be given twice: once on your website, and a second time in an email (with a link to expressly confirm acceptance). This way, the mandatory initial acceptance will be carried out and you will have one more acceptance, to prevent any fraudulent situation (e.g. registering with an email that does not belong to the user).

3) Always store all data securely

It’s up to you to decide how you want to store all the data you collect. However, the most important thing is that it is safe from computer attacks or any other security breaches. Although the GDPR does not require data to be encrypted, it is a good practice that you should follow.

4) Respond to your users’ information requests

Your users have the right to obtain information about their personal data. In this context, you must provide a simple way for users to access this information, to update it or, if they wish, to request that it be deleted. Do not forget! If you are asked to delete a user’s personal data, you have one month to complete it.

We hope this content has helped you keep your website GDPR compliant. You know, if you need any help… send us a message. Don’t forget to follow our Social Networks: Facebook; YouTube; Instagram; LinkedIn.

See you soon…
