There is no doubt you have heard the term “GDPR” being discussed around the web and in the news. Spoiler: it’s not a type of PR! Data protection is a hot topic thanks to Facebook data breaches and heightened consumer security on e-commerce sites and even big banks. GDPR is a privacy law designed to give individuals control of their personal data and could potentially affect how the entire internet deals with data. We at LISI want to make sure you know the facts, understand what may be required of your website, and offer our assistance to help make your website compliant.
What is GDPR?
GDPR stands for General Data Protection Regulation and is a new data protection law in the European Union, which went into force in May of 2018.
The aim of the GDPR is to give citizens of the EU control over their personal data and to change the approach of organizations across the world towards data privacy. The GDPR provides much stronger rules than previous laws and is something all businesses should be concerned about when it comes to their websites.
Rules the GDPR dictates:
- users must confirm that their data may be collected;
- the website owner must provide the user a right to withdraw the consent to the use of personal data (such as deleting the data), if required.
Does GDPR apply to my website?
Yes, it does! It applies to every business, large and small, around the world whose website can be accessed by someone in the European Union. The GDPR applies to data collected about EU citizens from anywhere in the world. As a result, a website with any EU visitors or customers must comply with the GDPR, and that covers virtually all businesses that want to sell products or services to the European market.
What steps are needed to be compliant with GDPR?
Contact forms/Newsletter opt-ins
Add a Cookie Notice
By using cookies, you can significantly improve the user experience on your site. However, installing tracking cookies without express user consent constitutes a breach of the ePrivacy Directive 2002/58/EC (EU Cookie Law), and can result in noncompliance for European users.
Meanwhile, in California …
Still not convinced because your law firm business is only in the United States? You still don’t get a pass, sorry! The California Consumer Privacy Act (CCPA) goes into effect in 2020 and protects individuals’ “personal information” in a way similar to the GDPR. In summary, if someone in California happens to click through to your website, the proactive disclosures regarding what data is collected and how it’s used must be accepted in the website policies.
Noncompliance comes with a price! Businesses that fail to comply with the CCPA are subject to civil penalties of up to $2,500 per violation and $7,500 per intentional violation. That can add up quickly, considering companies only have 30 days to update their website to comply after being notified by the attorney general.
Take action now!
Now that you know a little more about GDPR, the CCPA, and how they affect your website, let’s set up a time to talk about the next steps. We want to make the process of becoming compliant as easy as possible for you, so let’s discuss your website needs, the customers you are reaching, and how LISI can help you!
Please contact Jason Lisi at [email protected] or 215-523-8580, ext 111 to schedule a time to talk about how GDPR affects your website.