GDPR Website Compliance

GDPR website compliance

GDPR website compliance forms an important part of a business’ compliance implementation. The EU General Data Protection Regulation became effective on 25th May 2018. The regulation specifies a website operator needs to meet “data protection by design and by default”. Our website compliance packages help your business become compliant. FileOM’s GDPR practitioners, first of all, determine your controller / processor relationships with your suppliers. Then, review and draft a bespoke privacy policy, website terms and cookie policy in-line with the GDPR.

GDPR Website Compliance Packages

SMB Website Compliance
What's Included:

Audit of your Website
Analyse 3rd Party Technologies
Review Supplier Agreements
Review Consent Process
Privacy & Cookies Policy
Identify changes for GDPR Compliance
Policies & Procedures for Compliance

Designed for:
Websites up-to 25 Pages

10% Discount on GDPR Compliance Packages

Business Website Compliance
What's Included:

All in the Silver Package +
Full GDPR Compliance Strategy
Controller & Processor Mapping
Review All Supplier Agreements
Design Consent Process
Design Privacy & Cookies Policy
Review changes for GDPR Compliance
Policies & Procedures for Compliance

Designed for:
Websites 25+ Pages

Opt-in Management
Privacy Notice
3rd Party Tracking
Online Payments
Website Cookies
Capture Forms

GDPR Website Compliance – What You Need to Do

If you collect EU residents’ personal data then you need to take steps to become compliant. This could be, names, email addresses, newsletter subscription, credit cards processin or using cookies to track visitors’ habits.

Under GDPR, just stating “click here to read our privacy policy” is insufficient. FleOM helps your business to clearly explain why you are collecting personal data, and how you intend to use it. Most of all, you now need to gain explicit consent. Particularly, if you intend to make data available to third-party providers (such as Google Analytics or telemarketing companies).

GDPR website compliance - google analytics

Consent needs to be an unambiguous indication through a statement or clear affirmative action, such as actively ticking a box. It must be specific, given freely, and dated.

  • Personal Data – consent is the most common lawful ground, this should only be used if none of the other GDPR grounds apply.
  • Privacy Policy – firstly, you need to know what data you’re collecting and why. Then, you need to share this information with data subjects via your privacy policy in plain English. Therefore, we recommend including how the data is collected, stored and how data subjects may exercise their rights.
  • Cookies – organisations must account for all cookies that contain personal data. Further, decide whether there is a legitimate and specific reason for using them.

Visit our GDPR Compliance Packages page for help with business-wide compliance, or additionally visit the ICO for more information on Website compliance.

need help with planning, implementing & maintaining your gdpr compliance programme?