The General Data Protection Regulation (GDPR) has important implications on the way you and your website handle data. We offer a range of professional services to help ensure your website is GDPR-compliant.
An audit enables us to identify and document where you are collecting personal data on your website. You’ll receive a report summarising our findings, as well as clear recommendations and guidance on required actions.
With GDPR becoming law, all forms on your website that capture personal data must make it clear why the data is required, together with options for users to opt in and out. We offer professional development to update your website's forms to enable proper capture of user consent.
Regular email is transmitted over the web without encryption, meaning it’s not recommended for receiving enquiries with personal data. We can update your enquiry capture mechanisms to ensure your website securely stores enquiries received.
An SSL certificate ensures safe transmission of user inputs on your website and aids its performance on Google. With an SSL in place your website will gain a ‘green padlock’ which reassures users that it’s trustworthy and genuine.
For large volumes of enquiries and for organisations handling ‘Special Category’ personal data (e.g. medical history) we have a specialised ‘off-the-shelf’ system for secure processing of enquiries. It’s trusted by high profile clients including the NHS.
The new legislation makes changes in the way all organisations must process personal data and applies to your whole organisation and the way you handle data, including your website and web-based systems.
A number of key changes include:
GDPR is essentially about protecting people’s rights in relation to their personal data. A lot of these rights are similar to those already in place under the UK Data Protection Act, but include things such as:
The right of access - Individuals have the right to know their personal data is being processed, as well as being able to access this data and supplementary information
The right to rectification - Individuals can request there personal data be amended if it's inaccurate, incomplete or out-of-date
The right to erase - Individuals can request the deletion or removal of personal data where there is no compelling reason for its continued processing
The right to data portability - Individuals can obtain and reuse their personal data for their own purposes across different services. They should be able to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way.
Give us a call or send us a message today!