Loading spinner


General Data Protection Regulation (GDPR) for web

On 25th May 2018 General Data Protection Regulation (GDPR) will come into force, and regardless of Brexit, will have far reaching implications for your website and the way you collect data, your management and use of it. 

Why GDPR matters

It’s important for you to know what changes your business needs to implement with regard to your marketing data as this will supersede the existing UK Data Protection Act 1998 (DPA).


Why GDPR matters for your website


How will UK business websites be affected?

The new GDPR requires a clear affirmative action to indicate consent via your website or data capture fields. So pre-ticked boxes, and “tick here if you don’t want us to contact you” are soon to be a thing of the past. Its directive is to both protect and allow people to have more control over their personal data and have a clearer regulatory system that is enforceable in a court of law.

For businesses that share data within and from the EU, the responsibility of cyber-security is clearly placed on the organisation. With the predicted 25% growth in malware for 2017 alone, under the GDPR a data breach could result in huge fines of for companies of up to 20 million euros or 4% of their annual worldwide turnover as a worst case. With a large and real threat of a penalty hanging over how companies distribute, store and delete data, they have no choice but to evolve their website and internal operations. Many companies will have to show that they are up-to-date with the legislation and put into place systems of compliance.

Under the new GDPR rules, should a company suffer a data breach it must be reported with 72 hours. This applies to any company that handles EU citizens’ data and fines can apply outside the EU countries so if you handle any data from outside of the UK, then new compliance will have to take place.

If you’re unsure about where to start with the way in which your website and data capture will now look you should look to implement the following:

  • A review of all technical and procedural controls around your data, including the website data that it currently possesses.
  • Re-writing all documentation associated with your organisation’s privacy policies so that they are in clear and concise terms.
  • Creation of new processes and procedures that will help to handle data subject and data deletion requests.

The new GDPR is not something that should be considered an inconvenience to UK companies. Look at this as an opportunity to be able to cater to the needs of their customers, whilst working to best practice protocols for your companies data. All of which will minimise possible data loss incidents, as well as data breaches.  

website privacy policy


Is your website GDPR ready?

If you need further help on the new rules and how they could effect the way your website captures data then email the team today.
Contact us


Keep up to date on all the latest news and projects from Martin Hopkins Design. Follow us on social media for an insight into a day in the life of Martin Hopkins...we love to share our work and studio life with our lovely followers.