The Countdown has Begun
You’re probably sick of receiving emails about GDPR compliance; opt in to this, opt out of that etc.
However, there is a very, very good reason why all these companies are sending you emails right now – they don’t want to get prosecuted after May 25th for not complying with the law. And the fines can be heavy – very heavy.
If you have a data breach, apart from having to pay the fines imposed, you are also required by law to contact all of your clients and inform them of your data breach, what information may have been stolen and the processes that you are putting in place to recover & protect their data in the future. Imagine what impact that could have on your business!
When it comes to your website, if you are an e-commerce site or newsletter signups, online contact forms or any other application that requires a visitor to send personal data to you, then your site must employ encryption during the transmission stage in order to prevent possible data theft.
Pretty much every website uses the bare minimum of a contact form and therefore these sites must protect the data that they are gathering and the easiest way to do this is through the use of and SSL certificate.
These need to be purchased from SSL vendors, usually renewed annually and must be installed on your website via your hosting account.
Once in place, your domain will change from http://www.yourdomain.com to https://www.yourdomain.com. Some browsers do not display the http:// or https:// part of web addresses, so you may have been unaware of this in the past. However, with the GDPR update, so too many browsers have also updated, to show the visitor that a site is secure and the website is taking measures to protect their data.
When visiting a secure, encrypted site, visitors will see something like this in the browser window:
However, visiting an insecure site, which is not using encryption, the visitor will see something like this:
Seeing “Not secure” slapped on your website isn’t exactly confidence inspiring for your visitors, is it?
It’s not just your website you need to protect, but also any data that you hold. You probably have lots of personal data stored in various places around the business.
- Do you have a good understanding, and documented record of the data you hold?
- Do you need to either gain or refresh consent for the data you hold?
- Do you have a defined policy for how long you retain personal data, so you don’t retain it unnecessarily, and ensure it’s kept up to date?
- Is your data being held securely, keeping in mind both technology and the human factors in data security?
Whether you are a data controller or data processor or both, do you have the correct legal arrangements in place?
Fortunately, we can help you with your website…
We have created a solution that will allow you to be GDPR compliant:
- Firstly, an SSL certificate will be installed on your website. This will encrypt the data you gather when a visitor transmits information to you and browsers will display the ‘secure’ sign or symbol, assuring the visitor their data is being correctly protected.
- We will also install added security on your website, to help prevent malicious attacks, who may be trying to access customer records. If you have an online shop or visitors can register on your site to perhaps comment on blogs, then the visitors information is stored in an online database and needs to be secured.
- We will also place a ‘Privacy Notice Terms & Conditions’ page on your site which is also part of GDPR compliance, to show visitors how you use their data.
The total cost of our service is £39.99 and is required for each and every live domain you own/manage that gathers information. This offer expires on the 24th May.
If you do not have this in place on your website by 25th May when the new legislation comes in to force, you may be prosecuted.
If you would like to proceed with the offer, you can visit this page https://www.altius-seo.co.uk/ssl/ to accept or decline the offer. As per GDPR rules, non-completion of the form will be viewed as a declination.
If you are unsure as to how GDPR affects your website, please do not hesitate to contact us.