TrinitySeven Studio Logo

What does GDPR mean for my website?

What is GDPR?

The General Data Protection Regulation (GDPR) is a new EU law that comes into effect on May 25th 2018 for the purpose of protecting the ‘personal data’ of people (‘natural persons’). ‘Personal data’ is any information relating to an identified or identifiable natural person (a ‘data subject’).

Who does GDPR apply to?

The GDPR applies to almost any organisation that ‘processes’ (deals with) personal data in any Member State of the EU, but its reach is far wider: any organisation anywhere in the world that provide goods or services to people in the EU will have to comply.

GDPR, SSL Certificates, Google... and my website?

In order to comply with the GDPR and give your users trust when visiting your website, you need to consider the functionality of your website.

What is an SSL Certificate?

An SSL Certificate gives your website a layer of security and encryption that isn’t present on standard websites. From a user perspective, it’s the difference between having a little green padlock on the left-hand side address bar or not. You may also notice the https instead of http on your website protocol.

What do SSL Certificates have to do with GDPR and Google?

Prior to October 2017, SSL Certificates were really only for e-commerce websites, to encrypt payment details and personal user information. The bonus for non-e-commerce sites was a little extra credibility and trust for users.

From October 2017 Google began to alert web users to the potential security risk of putting their personal information into unsecured websites. More recently, Google announced on February 8th 2018 that effective from July 2018 all sites that don't have an SSL certificate (non-https sites) will be marked as 'Not Secure' within the Chrome browser.

Further to this, the introduction of GDPR in May 2018 means that the EU are now holding web administrators accountable for securing their customers’ data and the fines for non-compliance are substantial.

Do I need to get a SSL Certificate?

Still not sure if you need an SSL Certificate for your website? Here's a basic guide:

Does your website take payments?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

If you take payments via your website, you should have an SSL Certificate. This has been true for a while now and if you fit into this group and your site doesn’t have one, you’re late to the party.
In this instance, your SSL Certificate is keeping your customers’ card details, address, email address etc. safe and greatly reducing the risk of loss of data which could have serious financial implications for both you, and your customer.

Does your website have a user log-in area?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

User profiles store a good amount of personal data, including but not limited to, name, address, email address, passwords, date of birth, telephone number etc. If you have a user profile section within your website then you need to make sure you’re securing that data.

Does your website have a contact form?
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes

The information provided in contact forms; name, email address, telephone number etc. is considered personal data and as is therefore accounted for under the new GDPR rules. Google have also started adding warnings to contact forms on non-secure websites to alert the user to the potential risk. So, if you want to avoid fines and scaring off potential leads, upgrade to an SSL Certificate.

You have none of the above but you’re interested in the SEO of your website
Certificate Needed: No (Advised)
For GDPR: No
For Google: No (Advised)

Don't get caught out... get GDPR compliant NOW!

SSL Certificates installed on websites give confidence to your visitors that you take their online security seriously. Also, Google push for security in web browsing, so you're more likely to achieve a better index ranking if you have an SSL Certificate.

TrinitySeven Studio is now recommending SSL Certificates for all websites. If you fit into any of the categories for which having an SSL Certificate is a requirement for compliance of the GDPR, you really need to start thinking about this now.

Existing customers can drop in to see us in Ashbourne, Co.Meath, call us on 01 8353913 or drop us an email and we'll help to get your business and websites GDPR compliant.

For more information on GDPR please visit https://www.dataprotection.ie/docs/GDPR/1623.htm

 

Irish Rheumatology Nursing Forum Website

Irish Rheumatology Nursing Forum Website
  • Custom Website Design
  • Custom Content Management System
Find us on High Street Ashbourne, Co.Meath, Ireland.