What does GDPR mean for my website?

What does GDPR mean for my website?

What is GDPR?

The General Data Protection Regulation (GDPR) is a new EU law that comes into effect on May 25th 2018 for the purpose of protecting the ‘personal data’ of people (‘natural persons’). ‘Personal data’ is any information relating to an identified or identifiable natural person (a ‘data subject’).

Who does GDPR apply to?

The GDPR applies to almost any organisation that ‘processes’ (deals with) personal data in any Member State of the EU, but its reach is far wider: any organisation anywhere in the world that provide goods or services to people in the EU will have to comply.

GDPR, SSL Certificates, Google... and my website?

In order to comply with the GDPR and give your users trust when visiting your website, you need to consider the functionality of your website.

What is an SSL Certificate?

An SSL Certificate gives your website a layer of security and encryption that isn’t present on standard websites. From a user perspective, it’s the difference between having a little green padlock on the left-hand side address bar or not. You may also notice the https instead of http on your website protocol.

What do SSL Certificates have to do with GDPR and Google?

Prior to October 2017, SSL Certificates were really only for e-commerce websites, to encrypt payment details and personal user information. The bonus for non-e-commerce sites was a little extra credibility and trust for users.

From October 2017 Google began to alert web users to the potential security risk of putting their personal information into unsecured websites. More recently, Google announced on February 8th 2018 that effective from July 2018 all sites that don't have an SSL certificate (non-https sites) will be marked as 'Not Secure' within the Chrome browser.

Further to this, the introduction of GDPR in May 2018 means that the EU are now holding web administrators accountable for securing their customers’ data and the fines for non-compliance are substantial.

Do I need to get a SSL Certificate?

Still not sure if you need an SSL Certificate for your website? Here's a basic guide:

Does your website take payments?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

If you take payments via your website, you should have an SSL Certificate. This has been true for a while now and if you fit into this group and your site doesn’t have one, you’re late to the party.
In this instance, your SSL Certificate is keeping your customers’ card details, address, email address etc. safe and greatly reducing the risk of loss of data which could have serious financial implications for both you, and your customer.

Does your website have a user log-in area?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

User profiles store a good amount of personal data, including but not limited to, name, address, email address, passwords, date of birth, telephone number etc. If you have a user profile section within your website then you need to make sure you’re securing that data.

Does your website have a contact form?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

The information provided in contact forms; name, email address, telephone number etc. is considered personal data and as is therefore accounted for under the new GDPR rules. Google have also started adding warnings to contact forms on non-secure websites to alert the user to the potential risk. So, if you want to avoid fines and scaring off potential leads, upgrade to an SSL Certificate.

You have none of the above but you’re interested in the SEO of your website
Certificate Needed: No (Advised)
For GDPR: No
For Google: No (Advised)

Don't get caught out... get GDPR compliant NOW!

SSL Certificates installed on websites give confidence to your visitors that you take their online security seriously. Also, Google push for security in web browsing, so you're more likely to achieve a better index ranking if you have an SSL Certificate.

TrinitySeven Studio is now recommending SSL Certificates for all websites. If you fit into any of the categories for which having an SSL Certificate is a requirement for compliance of the GDPR, you really need to start thinking about this now.

Existing customers can drop in to see us in Ashbourne, Co.Meath, call us on 01 8353913 or drop us an email and we'll help to get your business and websites GDPR compliant.

For more information on GDPR please visit https://www.dataprotection.ie/docs/GDPR/1623.htm

What our clients say...

  • I am extremely happy with the service provided by TrinitySeven Studio. The quality and range of service is excellent.  Will was extremely helpful in assisting me with my website and I'd recommend them without hesitation.

    Aine Gavigan
    Managing Director, Uisneach Catering Ltd.
  • TrinitySeven Studio takes the time to learn our business and really aims to meet our client's needs.  They strive to ensure each web project comes in on time and within budget. We have worked with TrinitySeven Studio Ltd for over five years and we are constantly impressed with the level of commitment and the high standard of work, which they consistently achieve.

    Niamh Boyle
    Managing Director, The Reputations Agency
  • We knew that we needed a web design agency that could produce clean, creative, striking designs that are appropriate to our industry sector. We also knew that we wanted to build a long-term relationship with an agency, who could introduce us to web innovations that would boost our business. Partnering with TrinitySevenStudio for our online marketing requirements has turned out to be a smart move.

    Ciaran Buckley
    Head of Marketing and Communications, Farrelly & Mitchell
  • When we first engaged the services of TrinitySeven Studio Ltd we knew we'd made a great choice.  Not only were our expectations surpassed in terms of design quality but also the speed of response times to any queries showed a really excellent level of customer support and commitment.

    Jaqueline Kiely
    Celbridge Taxation Services