Getting serious about privacy: don’t TL;DR the GDPR

News

Unless you’ve made it to 2018 without giving your email address to anyone, chances are your inbox has been filling up with subject lines like “Updates to our Privacy Policy”, from basically every company you’ve ever dealt with. If your eyes didn’t glaze over as you moved to your next message, you might have read something about “compliance with the GDPR,” whatever that is, and the fact that it’s “coming into effect on 25 May.”

On closer inspection, you might have noticed that it’s a European regulation and, being outside of the EU, concluded that the General Data Protection Regulation (EU) 2016/679 doesn’t apply to you, but if you or your business ever collect information from EU citizens: it does.

It’s not just for Europeans

Being in the Australian website business, we know that most of our clients won’t be significantly impacted by their obligations under the GDPR, but if your blog welcomes comments from Europeans, or your website contains a contact form that Europeans can complete, or you sell products a European might buy, it’s a good idea to familiarise yourself with how GDPR compliance might affect you.

You might need more than just a privacy policy update

Here’s a very simple and non-comprehensive list of what the GDPR requires (not to be mistaken for legal advice, of course):

  • full transparency about what you will do with customer data (before it is provided to you)
  • secure storage of customer data
  • customer access to all of the data you hold that relates to them
  • customer rights to have you delete all of the data you hold that relates to them
  • 72 hours maximum to disclose any customer data breaches

Chances are you’re already compliant with most of these regulations, and they’re worth adopting for all of your customers anyway. But if this is your first time hearing about the GDPR, 2 days before enforcement officially begins, don’t panic. According to this article in The Verge, which referenced this report, more than half of US and EU companies are currently non-compliant. You still have time to get on top of this.

What next?

If you use WordPress and/or WooCommerce, as many of our clients do, you will likely benefit from this landing page on the WooCommerce website. It steps you through the relevant regulations and will assist you in taking any necessary next steps to achieve GDPR compliance. You might also want to check out this post from WordPress, which is a good introduction to GDPR-related steps being taken within WordPress itself.

If you have any concerns about your website’s GDPR compliance or privacy measures in general, we’re here to help.

Latest from HYPERWEB

See what’s been happening here at HYPERWEB HQ and explore news and insights on web development, digital marketing, SEO and more.

View all +

Book Review – Radical Candor by Kim Scott

News
Management and leadership aren’t just about steering the ship—it’s about creating a culture where the individuals in your team can thrive, the whole team can excel, and together achieve outcomes…