Is Your Business GDPR Compliant?
What is GDPR and why?
It was way back in 1995 when the EU last issued a data protection directive. Since those days, the way personal data is collected, processed and stored has changed considerably. 22 years on, we live in a digital world: the internet and technology as a whole have developed and progressed significantly. It’s now very easy for businesses to digitally collect and store all manner of personal data, from contact details to IP addresses and much more besides.
While the internet has made many things much more convenient, there is, of course, a huge downside. With the advancement of digital commerce and technology come new and significant security risks, which have resulted in serious breaches of data and privacy on multiple occasions.
Because of the clear need to protect personal data, the EU’s General Data Protection Regulation (or “GDPR” for short) will be introduced across the EU in May 2018 — and will still apply in the UK, regardless of Brexit.
The objectives of GDPR are to address how personal data is collected, processed and stored, to give individuals back control over their personal data held on file, and to impose stricter rules on businesses and organisations handling personal data.
We’ve written an in-depth blog about GDPR compliance that you can read here. Further information can be found on the Information Commissioner’s Office website (https://ico.org.uk/) and the EU’s GDPR website (http://www.eugdpr.org/).
What can Vaccoda do for me?
While the GDPR regime covers many areas of data compliance, we specifically focus on the changes required to a website and internal data protection and privacy documentation connected to your website to ensure these areas are fully GDPR compliant.
It’s important to point out that businesses and organisations should not overlook the need to ensure their procedures surrounding the handling of personal data company-wide are compliant, too. We can refer you to our partner who offers company-wide GDPR compliance and related insurance services if required.
Will my website be affected?
It’s highly likely it will be. The vast majority of websites collect, process and/or manage user data or track visitor movements in one way or another, either by using third-party solutions such as Google Analytics, Salesforce, Freshbooks or Mailchimp, or by directly collecting personal data via contact forms, email submissions to newsletters, user registrations, memberships, forums and other sign-up/submission areas.
Because of this, it’s vital to assess the possibility of GDPR violations both through your own activities and through any third-party providers you use to process your website data.
A large majority of websites will not be GDPR compliant as there are several steps that must be taken to achieve compliance.
To ignore or overlook the legislation will lead to extensive fines (more on this later) for any business or organisation found to be in violation. In short, it’s compulsory to implement changes to ensure you are GDPR compliant in both your company-wide operations and your website.
Is this you?
Does your website contain / offer any of the following?
If so, your website is processing personal data and you must comply with the General Data Protection Regulation, irrespective of your size or business sector.
You should consider the following questions:
What happens if I don’t bother to comply?
This is something you really don’t want to even consider. Failure to comply with GDPR will result in potentially huge fines.
Currently, the maximum fine for breach of the UK’s Data Protection Act is £500,000. That’s bad enough.
But the maximum fine for breaching GDPR will rise to €20 million (about £17.6 million) or 4% of your annual global turnover in the preceding financial year, whichever is greater.
Even fines for breaches deemed less serious will be as high as €10 million (£8.8 million) or 2% of annual global turnover.
Can you help make me GDPR-compliant?
Yes, we can. To get you compliant, we can do the following:
We are a highly experienced team of in-house web developers who are commercially aware and fully versed in all the GDPR responsibilities and compliance requirements business owners must implement on their websites and in all connected internal documentation.
All our GDPR compliance work is carried out in-house by our experienced team before being checked and ‘rubber stamped’ by our highly-qualified, specialist lawyer (who’s practised commercial law for more than 20 years and is an expert in GDPR compliance) to ensure all implemented changes are fully compliant and legally sound.
How much will it cost?
We’ve created this service to be as affordable as possible at all levels. Pricing is based on the type and size of website you have and on whether you need us to supply new data protection and privacy documentation for your website or to update your existing documentation so that it is GDPR compliant. Prices for our GDPR compliance service start from £199 + VAT.
We provide a quotation after we’ve had an initial phone consultation with you (which only takes a few minutes) so we can better understand your specific requirements. It’s likely we’ll also need to log into your website admin area to complete our audit before providing a quotation. To get started please call us on 020 8776 0400 or contact us.
Ensuring your website and related internal documentation are GDPR compliant prevents financial penalties. We can take care of all your website and documentation GDPR compliance needs.
Let’s discuss your website GDPR compliance
The process and options
Get your website GDPR compliant