Data protection has long been an important part of UK law, particularly with more and more of our information being stored online and shared via social networking. Therefore, it’s perhaps no surprise that there have been changes made to the way in which such data is protected for EU citizens, and, as such, websites and other platforms likely to collect such data are going to need to become fully compliant by May 2018. The General Data Protection Regulation, or GDPR, is something which all websites will need to pay attention to moving forward.
In a nutshell, this essentially means that you will now need to show that you have obtained the necessary consent to obtain and retain what has become known as ‘personal data’. This data is effectively anything that can be used to identify a specific person whether directly or not – from personal contact details to photographs and more besides. In order to be compliant with the requests of GDPR, you are going to need to make it abundantly clear to your visitors and end users exactly what you intend to do with their data in order to obtain their consent.
Essentially, you must adhere by what your end user agrees to – if they don’t wish for their data to be shared with third parties, and they simply wish for their data to be used in line with their use of your website or online store, you are going to need to comply with such wishes. It’s important that you encrypt all data that enters or goes through your website – and you’re going to need to keep up on your SSL certificate.
All in all – it means that you are going to need to make your website a safer place for your users. For more information on how to get your web design ready for GDPR, consult ICO’s guide here on everything you need to know.