How do I make my website GDPR compliant?
Your website is the face of your company and is often the first place users engage with you. It’s also where a lot of data is collected, which makes it important for GDPR compliance.
- Identify data collection points: The first step is to identify what data you collect on your website and where you collect it. You can then apply GDPR requirements to each collection point.
  - Forms: Usually used by marketing teams to collect personal information from users in order to send them newsletters and marketing materials. It’s important to identify all of these forms, along with the information you collect through each one.
  - Sign-Up Pages: Another place where you collect personal information, in this case to create an account on your system.
- Implement Notice & Consent on collection points: Once you have identified all collection points, you have to give users notice of the data collected and the purposes of processing, and allow them to consent to each purpose separately.
- Automate Consent: You need to ensure that a user’s consent choice is honored. It’s best to automate this to avoid human error.
  - For cookies and tracking technology, there are multiple CMPs that can automate this for you.
  - For consent collected from forms, you have to ensure that the consent is recorded in all your internal systems, such as Salesforce, Hubspot and Mailchimp. You should also train your team to ensure they do not send communications to or contact users who have not given cookie consent.
- Allow consent withdrawal: For consent to be valid, withdrawing consent should be as easy as giving it. This means that if you collect consent with one click, withdrawing it should not involve a lengthier process. One way to simplify consent withdrawal is to build a Preference Center for users and include it in all communications and on your website. This will ensure GDPR compliance and build trust with your users.
- Implement Security: Security is one of the key principles of GDPR. You should ensure that the data users enter on your website is secured. There are a lot of good resources on the internet on securing your website. We really liked this article by Webfx.
- Monitor for non-compliance: Your website will evolve over time as you adopt new tools and launch new campaigns. It’s important to review your website again whenever you make significant changes. You can also use our website scanning tool to monitor your website and get alerts if it becomes non-compliant.