Is your website GDPR Compliant?

 
The General Data Protection Regulation (GDPR) is important new legislation in the area of data protection. Developed by the European Union, it’s designed to strengthen individuals’ rights regarding the collection, use and storage of their personal data
 

What is GDPR?

It’s a legislation which focusses on the way in which private data belonging to citizens is collected, stored and distributed. Everyone is required to take action before the 25th May 2018 — this applies to all companies across the world who appeal or work with EU citizens. It doesn’t matter where you are located in the world, if you’re dealing with EU citizens, you need to comply to GDPR.

It’s a non-negotiable regulation. For those who do not follow the regulation, they will face hefty fines.

Why has it been introduced?

GDPR (General Data Protection Regulation) comes into force on the 25th of May 2018.

GDPR focusses on giving control back to consumers. It’s important for people to have more control over their personal data, and to know exactly how companies are using that data IF they’ve allowed a business to use or store their private data.

This is where websites come into the equation…

GDPR for websites

The growth in popularity for the internet and other digital systems wreaks havoc in terms of personal data being taken, stored and distributed.

Websites and other digital platforms sometimes require information or permission to use private data from users. With GDPR coming into play, gathering data is not as easy as it used to be. Now you must give users complete control over their data, and offer clear, optional & understandable opt-in or out directives.

There’s a lot to take in whether you’re a business or site owner, but we’re confident our GDPR compliance checklist will help you.

Get in touch for a full Security Audit today.

What will our Security Audit Cover?

Our website security audit is not a 'one-size-fits-all' solution. It is tailored around your business, what you use your website for and how it has been built.

As a general rule, we will consider;

  • General Website Security Principals
  • Administration & CMS Security
  • Data Collection, Storage & Security
  • Third Party Integration Security
  • Plugins & File Security (where applicable)
  • Database Security
  • Access Policies & Procedures
  • Back-ups & Security
  • Checks, Scans and Detection Systems
  • Public facing Policies

Please Note: This audit will not constitute a recommendation for your company nor professional advice regarding GDPR specifically. Our recommendations and report will only cover aspects of your website from a security perspective. There are many other components to the GDPR not listed here that may be applicable to you, these can be found on the Information Commissioner’s Office website. We take no responsibility for actions taken as a result of this article or our report.