What is the GDPR?
On 25 May 2018, the General Data Protection Regulation (GDPR) came into effect in the European Union (EU). GDPR gives EU citizens the right to order any company to stop building profiles about them, request data deletion within 30 days, move data from one provider to another, and gives them the “right to be forgotten”. If a company fails to comply, they will be fined either €20 million or 4% of their annual global revenue, whichever is larger.
The Privacy and Electronic Communications Regulation (PECR), which deals with cookies, has also been strengthened to bring it in line with GDPR, which means more restrictions on how and when data analytics tools like cookies can be used.
If your website has users from anywhere in the European Union, it is imperative that your website is GDPR-compliant.
We will conduct a review of your website to check if it is GDPR-compliant and provide you with a list of changes you need to make, if it is not currently compliant.
This review covers website-related GDPR compliance only.
- how data is collected through the site
- how consent can be requested at all relevant touchpoints
- how individuals can get access to their data
- evaluation of which data is considered legitimate to hold
- the length of time the data will be held for
- how it will be used
- any data storage/collection not conducted on the website