GDPR legislation and how it affects your website

By May 15, 2018Legislation
Webs by KD logo

WHAT IS THE GENERAL DATA PROTECTION REGULATION AND DOES IT APPLY TO ME?

The General Data Protection Regulation, or GDPR, is a massive data protection or privacy law emanating from the EU.

Because of its low triggering mechanism, it will apply to most organizations, regardless of where they are located. For the law to apply, an organization merely has to offer its products or services to an EU resident, be established in the EU, or be engaged in widespread website behavioral monitoring.

The GDPR goes into effect on May 25, 2018. The goal of the law is simple: to give control of personal data back to the individual. While simple in theory, the law is dense and complex and of the 99 different articles in the GDPR, a full 39 require companies to document and be able to provide evidence of compliance. This is called the Accountability Obligation and is a central theme to the law.

The GDPR requires companies to have a comprehensive understanding of all the data they collect, whether it’s personal data or not, and how they use it. Specifically, companies must look at every single process and line of software code and go through a privacy impact assessment to determine if there is a privacy risk to the individual, whether she be a customer or employee. Then, for each data element collected and used, the company must determine if it has a legal basis to collect that data.

WHAT IS THE RISK OF NON-COMPLIANCE AND WILL THE GDPR BE ENFORCED?

The GDPR has real teeth to it. Penalties and fines can be as high as 4% of annual revenue or £20 million, whichever is greater. Furthermore, for the first time, class action litigation is also allowed, resulting in exposure to both regulatory enforcement and private litigation for the same transgression. We can anticipate robust enforcement from the data protection authorities, and they have been kind enough to signal that their priority enforcement actions will focus on transparency –how openly and honestly a company communicates its data practices—and whether they obtain valid consent, especially for the ubiquitous website data collection occurring on all websites.

So, in a nutshell…

You need to make sure your website complies to this new regulation, or you could face heavy fines. Although an anoyance to website owners, We support the regulaton fully and think that users should know where their information is being stored, why it is being collected and what the company intends to do with their information.

What does this all mean?

It means that Webs By KD will not be developing any new projects over the coming weeks. We want to make sure that all our websites are fully compliant with the new regulation and we are being approached by a lot of our customers to make their websites compliant. We see this as a priority compared to taking on new work – We are all about looking after our customers.

This does not affect printing jobs or any projects already being worked on – Only new projects.
If you want us to take a look at your website, please let us know ASAP by calling 01332 460 776 or emailing info@websbykd.co.uk.

There is currently a waiting list so please let us know ASAP if you want any help with making your website compliant.

If you choose not to, Webs By KD will not be held responsible for any websites launched before 15/05/18 that do not comply with the GDPR regulation.
This is a chargeable service and how much it costs is variable dependant on a number of factors, including but not limited to:

  • Size of website
  • If Webs By KD manage the website or not (discount if we do)
  • Platform website was built on
  • Type of website (standard, online shop, booking form e.t.c)