GDPR: What is it? And what does it mean for your website?

GDPR

Last month your inbox may have been flooded with notices about updates to privacy policies.  This was the result of companies trying to accommodate and make their policies compliant with GDPR.

What is GDPR?

GDPR stands for General Data Protection Regulation. This is an EU law on data protection and privacy. It’s specifically for all individuals within the EU and European Economic Area. The goal is to help citizens and residents maintain control over more of their personal data while unifying regulation within the EU.

Ok, but what does that mean for me and my website?

First of all, Alter Endeavors shouldn’t be considered the final say on how to handle GDPR on your site.  We believe this is ultimately a legal decision between you and your counsel.  However, a good question to start with is:

How often do you interface with EU visitors on your site?

And also: What do you do with the personal data you collect from them?

If your website asks visitors to voluntarily provide data on your forms and it only tracks cookies in a very general sense (and most websites built by Alter Endeavors do this), you are probably doing enough.

If someone from the EU asks to be removed from your list or asks for an inventory of all the information you have on them, then please comply with the request!

We always advise (not only in regards to GDPR) that it is best practice to ONLY use the data you get for the purposes you state, i.e. newsletters and updates about you. Never sell the data or give it to other people.

If you find that people complain that you don’t have cookie opt-outs or something like that in the future, then maybe you should consider implementing cookie opt-out options (which we can help you with!). If you legitimately have people provide their information and you treat it with respect and privacy, you shouldn’t have a problem with your website!

There certainly has been a lot of fear-mongering about this issue, but we feel large companies with questionable privacy practices are the primary target and smaller entities who legitimately collect information freely given have little to fear. Don’t be fooled by people offering expensive solutions, when in reality, you may not need to take any action. If you have specific questions or need help assessing your website needs in regard to GDPR, please reach out to us and we will help you find a sensible solution.