Why GDPR is important and NorrNext's approach
The EU General Data Protection Regulation (GDPR) was designed to protect and empower all EU citizens' data privacy and to harmonize data privacy laws across the European Union. The law has been enforced since May 25, 2018 and has extraterritorial status, which means that businesses outside of the EU should make their sites GDPR compliant as required by the EU regulation.
The GDPR affects anyone with a website that processes and collects personal data. If your business offers products and services to EU citizens or handles personal data, there are several ways to react:
- Make your site GDPR compliant. This is the best way, and it makes your business more reliable and confident.
- New site for EU market. Restructure your services and create a new site to handle data and sell to the EU.
- Do not operate with EU citizens. This means you should not collect any personal data of visitors from the EU, which usually means blocking countries by IP. It is the worst way, affecting your sales rate and reputation in general, especially if you work worldwide.
A company that fails to achieve compliance will face enormous penalties and can be fined up to 4% of global annual turnover or €20 million. Making sites fully compliant is a must, and you should do it as soon as possible.
How to make the site GDPR compliant?
Below are the most important steps to put in place as soon as possible to address GDPR compliance:
- Forms. Any forms used on the site should have checkboxes (opt-in) allowing a user to agree to the Privacy Policy. This applies to the contact form, the checkout page of an e-commerce site, the newsletter subscription form and so on.
- Cookie notice bar. A pop-up notice bar asking for the user's agreement to use cookies on the site to comply with the EU Cookie Law. According to the GDPR regulation, the site should have an option allowing the user to decline cookies.
- Update Privacy Policy. This page should include key information describing how the website uses the user's data.
- Email marketing. Users should confirm they agree to receive newsletters. There should be an ability for users to manage their newsletter subscriptions and an option to remove all data at any time.
- Handling data. Your site should be secure and all extensions in use should be up to date for transferring private data to a 3rd party.
- A feature to remove all of a user's private data (the right to be forgotten). You should install a special extension giving the user an option to completely remove all private information from the website, including the data from 3rd party extensions.
With this article, we would like to inform you about why the GDPR regulation is important and why you should act to meet GDPR requirements. It is painstaking work, but it is worth it.
Processing the personal data on NorrNext site
The NorrNext website meets the technical requirements for compliance with the GDPR regulation and the EU Cookie Law.
Our Terms of Use and Privacy Policy comply with the EU regulations. The Privacy Policy sets out how NorrNext handles and protects any private information of a user on this website.
Product manager and Joomla enthusiast who has worked in many web development roles taking on a wide array of various projects.