What about GDPR?
Newsletters from WonderWebs are normally few and far between. The primary reason for sending this one out is to detail some changes we've made due to the new EU privacy regulations (GDPR).
Website owners are responsible for their own content and processes and so you need to be aware of this!
What about GDPR?
You may have noticed you are receiving emails regarding privacy and terms updates from all sorts of services in the last couple of weeks. This is due to the GDPR.
The General Data Protection Regulation (GDPR) is a European privacy law, effective since May 25, 2018. The GDPR applies to you if you are processing the personal data of EU individuals on your website or online store, regardless of your own location, or that of the web server.
Personal data may include any information that is clearly personal, such as names and contact details, as well as data that can be used to identify an individual indirectly. This might include an IP address used for tracking preferences or statistics.
The goal of GDPR is to protect personally identifying information and hold businesses to a higher standard when it comes to how they collect, store, and use this data.
NZ and AU governments have provided information to assist businesses
Essentially, you must require explicit consent when collecting personal data from an EU resident. This applies to both subscriber forms and browser cookies. All wording must be easy to understand, and be separate from your other terms and conditions.You must supply and/or remove personal data on request, and you must actually delete it when you do so.
It is obviously difficult for small business website operators to know what to do. We have made efforts to understand the requirements and we provide information below for you to use.
Privacy and Terms Notices
If your website has customers or even just visitors from the EU, then it is important that your Privacy and Terms pages outline clearly what personal data you collect and process, what it is used for, and whom to contact if they wish to remove that information.
Here at WonderWebs, we have reviewed and modified the standard website Privacy and Terms notices that are linked in the footer of every website. The new notices are not tested or confirmed to be GDPR compliant and WonderWebs makes no claim as to their suitability for your website. It is ultimately the responsibility of the website operator to ensure compliance.
This KB article contains both notices. Check them against the Privacy and Terms links in the footer of your website. If they match and you want to modify them, send the updated copy to us for replacement. If they don't match, then you will have provided your own custom notices when we built your website. Ask us to apply the new default notices, or send us your updated versions.
Many websites have a mailing list subscription form. You must not subscribe anyone to a mailing list without their knowledge and it must be made clear on the form what they are subscribing to and how to remove themselves. Is it up to website owners to ensure that their forms are suitable. If you require changes to any of your website forms, get in touch.
Cookies Warning Popups
Google Analytics Data Retention
WonderWebs creates an entry in Google Analytics for all websites it builds. As part of Google's compliance efforts, they have required that all accounts apply data-retention settings. We have already gone ahead and applied the default 26 month removal period to all accounts we manage. Note that your overall traffic stats will still be retained for longer.
Returns and Refunds Policy
This is not specifically part of the GDRP regulation, however the terms notice refers to a return policy where applicable. If you sell products on your website, you should ensure that you have published a page with this information.Here is a sample policy you can use as a basis. Get in touch if you need help publishing it on your website.
Updated Terms and Privacy on WonderWebs.com
As a real-world example of dealing with GDPR, we have replaced our own privacy and terms notices on WonderWebs.com with the new default versions. We added a few lines to Section 1 -General Conditions in the terms notice. Please ensure you have read and understood both of these notices.
Remember that WonderWebs is not a law firm and does not provide legal advice. You are responsible for the correctness and compliance of your business with the GDPR. Get in touch if you require our assistance.
Director - WonderWebs Limited Other posts by Robert Axford
WonderWebs director Robert Axford has over 20 years experience producing both internal and external corporate and government communications services, including intranets and websites.