10. ... it isn’t only your website that needs to be GDPR compliant

Changes with #GDPR will change a large part of the business, and in the last few blogs we have focused solely on its effect on Digital Marketing

As you start changing your website and digital activity to adjust, that there are a whole lot of issues you need to consider


The data protection commissioner has provided some excellent tips
www.dataprotection.ie/en/organisations
but here are a few key questions to be considering now right now

• You probably have personal data stored in various places around the business. Do you have a good knowledge & understanding, and documented record of the data you hold?
• Do you need to either gain or refresh consent for the data that you possess?
• Do you have a defined written policy for how long you keep personal data, so you don’t retain it unnecessarily, and ensure it’s kept up to date?
• Is your data being held securely, keeping in mind both technology and the human factors in data security? Keys, Pin Codes, Encryption etc.
• Whether you are a data controller or data processor (or both), do you have the correct legal arrangements/documents in place?

​So, the underlying issue with the new GDPR  is to identify and have in place contracts with your third-party data processors to protect both your own interests.

As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

9. What about Google Analytics and #GDPR?

Most of my client website are configured to use Google Analytics or similar to track user journeys, mainly to improve the customer experience.
However Google Analytics has always been an anonymous tracking system as is their AI based Algorithm.
There is no “personal data” being collected,(as a general rule) so I believe GDPR does not impact on its usage.
Its different altogether with Google Tag Manager; it’s a powerful tool that enables your website to send information to third-party applications by inserting small amounts of code. Its used for things such as external remarketing and retargeting systems, and a host of other services. The issue for businesses with regards to Tag Manager is to ensure you have a contract in place with the individuals that have access to your Tag Manager (which may well be your web designer, or digital marketing agency) to ensure they understand their legal responsibilities as a data processor on your behalf as data controller.( The same of course applies when your collecting Data in the Dashcam of your car)
If you are interested in Google’s commitment to #GDPR then a good place to start is here   How Google complies with data protection laws
So, the underlying issue with the new GDPR  is to identify and have in place contracts with your third-party data processors to protect both your own interests.

As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

​Things are not so straightforward when it comes to third-party tracking software!

A significant number of websites are using third-party marketing software solutions or even AI on their website.
These could be lead tracking applications like Lead Forensics, Leadfeeder or CANDDI.
They may be using call tracking applications like Call Tracking or Ruler Analytics.
All great tools for generating leads but be wary:
The use of these tracking applications raise some very thought provoking questions in terms of GDPR compliance, and in my opinion, its still remains a grey area. 
At first view, these applications track webusers in ways they would not expect and for which they have not granted consent.  EG., it is tracking my behaviour each time I return to the website, or view a specific page on your site, or complete specific action.
But the suppliers of these applications assure us they are GDPR compliant.
First, the suppliers like CANNDI are advising that banners stating clearly and unambiguously that cookies are being used,
the software suppliers say that the use of cookie tracking technology is in the legitimate interest of your business as a data controller, and specifically Section 47 allowing for “processing for direct marketing purposes or preventing fraud.”
CANNDI advises:
Legitimate​ ​Interest​ ​-​ ​If using the legitimate interest principle within your website tracking it is advisable to have on record during your GDPR preparation that this is the case. This should include the grounds on which you are using this.

The providers of these tools are stating that they are GDPR compliant. But if the software is doing anything illegal, then it is your business’ responsibility as the Data Controller. The real question is to identify the GDPR compliance risks in using this kind of software, and to reduce or eliminate your risks as a business owner. As a result, you need to review your contract with these software providers carefully.

As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

​6. How do I get Privacy notice and terms and conditions correct for GDPR on my website?
​
The Data Protection Commission office has very kindly provided a sample privacy notice that you can use on your website.

It is succinct, transparent, and makes for easy.

You will also need to update your terms and conditions on your #website to reference #GDPR terminology.
Of course you will need to make it completely clear what you will do with the information once you’ve captured it, and how long you will keep this information both on your website and also on your systems.
Needless to say you will also need to implement the other changes in your website highlighted in my blogs over the last few weeks.
​
As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

​
No. 5. Named parties, naming the names!

Any website forms must clearly show each party or business for which the consent is being given. It is not satisfactory to say specifically defined categories or the great cover all of third-party organisations: they must be specifically named in the form.

In this example, you can see Tesco Mobile Ireland understands the gist that we need to give named permissions for updates
​

Of course the other rule applies too in this context: opt in rather than opt out.

As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

​4. It has to be Easy to withdraw permission or opt-out.

It must be just as easy to remove consent as it was to grant it, and individuals always need to know they have the right to withdraw their consent.

In terms of your web user experience, this means unsubscribing could consist of selectively withdrawing consent to any or all forms of communication:

Or easily change the frequency of communication, or stop all communications entirely:

See images for some excellent examples of how it should be done


What is the best webdesign company ?
​So if you require help with your website design and SEO www.cosmos.ie
#websitedesign #websitedesigner #WEBSITEDESIGNS #websitedesigners #WebsiteDesigning #websitedesigncompany #GDPR #compliance
​As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR ​

3. Granular Opt-In
How do I make my website GDPR compliant?

In order to make your website GDPR compliant any of your website users should be able to provide separate consent for different types of information processing of their data 

Users should be able to provide separate consent for different types of processing.

In this example, the awards company are asking for specific permission for each type of processing (post, email, telephone) and also asking permission to past details onto a third party.

Good practice..

​

What is the best webdesign company ?
​So if you require help with your website design and SEO www.cosmos.ie
#websitedesign #websitedesigner #WEBSITEDESIGNS #websitedesigners #WebsiteDesigning #websitedesigncompany #GDPR #compliance
​As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR ​

2. Unbundled Opt-In

The consent you are asking for should be set out separately for accepting terms and conditions, and acceptance of consent for other ways of using data.

In this example, Tesco clearly set out the acceptance of their terms and conditions, but then fail to separately set out the active opt-in for their contact permissions: it's opt OUT by default....tut tut again

It’s a shame Tesco didn’t get the option to be more granular in terms of communication opt-in preferences (email, SMS, post)too.

POOR user experience, and must be changed. Each form of communication must be requested separately, so ask for permission separately for Phone, email etc

GDPR Opt In Fail.

Have you any examples you may have seen recently?

​

What is the best webdesign company ?
​So if you require help with your website design and SEO www.cosmos.ie
#websitedesign #websitedesigner #WEBSITEDESIGNS #websitedesigners #WebsiteDesigning #websitedesigncompany #GDPR #compliance
​As one of the top website design and SEO companies in Ireland www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#WebsiteDevelopment #websitelaunch #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR

1. Forms: Active Opt-In
​
Any forms that ask people to subscribe to newsletters or e zines etc. or indeed indicate contact preferences must default to “no” or be blank.

You need to check your forms to ensure this is the case, if not amend them or you are in breach of the law its that simple!

As an example, the current Argos.ie registration form pre-ticks the opt-in box, forcing the user to actively opt-out. A real no no..

Very bad, a bad user experience, and must be changed .

GDPR Opt In Fail.

​

What is the best webdesign company ?
​So if you require help with your website design and SEO www.cosmos.ie
#websitedesign #websitedesigner #WEBSITEDESIGNS #websitedesigners #WebsiteDesigning #websitedesigncompany #GDPR #compliance
​As one of the top website design and SEO companies in Ireland  www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
 #WebsiteDevelopment #websitelaunch  #websitebuilder #websitedeveloper #websitetraffic #websitesGDPR #websitetips #websiteredesign

Making your website GDPR compliant.

You will have heard at the very least all about GDPR, and most of you will have a vague idea about its essential thrust, so as the dust settles we have a clear idea of what this new protections that are afforded to data provide, and consequently its effect on digital marketing. 
We detail here how you must integrate it in to the very design of your website.(webdesign)
As website designers understanding how the 99 clauses of the 260 page directive effects your website is difficult to understand. We are going to untangle it here over the next few weeks.

Why is it so important, whats the big deal?
​
The main reason GDPR is so scary are the potential financial penalties - €20 Million or 4% of previous years annual turnover, whichever is higher.
Enough to scare most companies, whether large or small, so most are taking this seriously.
Going back to your website compliance, there are a number of rules and regulations which need to be adhered to, each falling into different areas:

• Consent. Ensuring individuals can opt in for data to be gathered
• Processing. Defining rules about the processing of personal data
• Securing data. Ensuring organisations protect an individuals privacy
• Breach notification. Informing individuals (and the authorities) about data breaches
• Right to access. Adhering to requests for access to personal information held
• Right to be forgotten. Ensuring individuals can be removed for your records
• Due process. Ensuring you have defined procedures to follow and individuals responsible for actioning them

In principle these are all quite straightforward, until you start to unpick each one, and this is where it becomes more problematic...

Sign up to updates as we unpick each area over the next few weeks.


​
What is the best webdesign company kildare?
​So if you require help with your website design and SEO www.cosmos.ie
#websitedesign #websitedesigner #WEBSITEDESIGNS #websitedesigners #WebsiteDesigning #websitedesigncompany 
​As one of the top website design and SEO companies in Ireland  www.cosmos.ie has years of experience in website management and search engine optimisation in Ireland.
#website #websitedesign #websites #websitedesigner #WebsiteDevelopment #websitelaunch #WebsiteComingSoon #websitebuilder #websitedeveloper #websitetraffic #websitesi #websitetips #websiteredesign


​



​