Make your site compliant with EU cookie law

Make your site compliant with EU cookie law

The General Data Protection Regulation (GDPR) applies to all websites with users from the EU, if your website uses cookies and online tracking it needs to be compliant with GDPR and the ePrivacy Directive (ePR).

If your organisation is based in the EU or your website has users from the EU your website should meet the cookie laws.

It's a legal requirement to inform your visitors about your use of cookies or other tracking technologies, and how they can delete or control them.

Is your website compliant?
Check if your website’s use of cookies and online tracking is compliant with GDPR

What are Cookies?
HTTP Cookies are small pieces of data, usually stored in text files, that websites send and store on visitors computers to store a range of information, usually specific to the visitor, and the device they are using to view the website.

 What is the GDPR?
The General Data Protection Regulation (GDPR) is a EU-wide regulation that controls how companies and other organisations handle personal data. It is the most significant initiative on data protection in 20 years and has major implications for any organisation in the world, serving individuals from the European Union.

To give people control over how their data is used and to protect "fundamental rights and freedoms of natural persons", the legislation sets out strict requirements on data handling procedures, transparency, documentation and user consent.

Any organisation must keep record of and monitor personal data processing activities.

As data controller, any organisation must keep record of and monitor personal data processing activities. This includes personal data handled within the organisation, but also by third parties - so called data processors.

Data processors can be anything from Software-as-a-Service providers to embedded third party services, tracking and profiling visitors on the organisation's website.

Both data controllers and processors must be able to account for what kind of data is being processed, the purpose of the processing and to which countries and third parties the data is transmitted.

If personal data is being sent to organisations or jurisdictions beyond the reach of the GDPR or that are not deemed 'adequate' by the GDPR, one must inform the user specifically about this and the risks involved.

All consents must be recorded as evidence that consent has been given.

No processing of sensitive personal data is allowed without a person’s explicit consent. For non-sensitive data, implied consent will do. In either case the consent must be freely given on basis of clear and specific information about data types and purpose – and always before any processing takes place, also known as ‘prior’ consent. All consents must be recorded as evidence that consent has been given.

Individuals now have the "right of data portability", the "right of data access" along with the "right to be forgotten" and can withdraw their consent whenever they want. In such case the data controller must delete the individual’s personal data if it's no longer necessary to the purpose for which it was collected.

In case of a data breach, the company must be able to notify data protection authorities and affected individuals within 72 hours.

Furthermore, GDPR imposes an obligation on public authorities, organisations with more than 250 employees and companies processing sensitive personal data at a large scale to employ or train a data protection officer (DPO). The DPO must take measures to ensure GDPR compliance throughout the organisation.

In relation to Brexit, the UK Government plans to implement equivalent legislation that will largely follow the GDPR.

What does the GDPR mean for my website?
If your website is serving individuals from the EU and you - or embedded third party services like Google and Facebook - are processing any kind of personal data, you need to obtain prior consent from the visitor.

To obtain valid consent, you need to describe the extent and purpose of your data processing in plain language to the visitor, prior to processing any personal data.

This information must be available to the visitor at all times, e.g. as part of your privacy policy. You must also make available en easy way for the visitor to change or withdraw consent.

All consents must be logged as proof and all tracking of personal data, also by embedded third party services, must be documented, hereunder to which countries data is transmitted.

If you require assistance making your website GDPR compliant submit a ticket on our helpdesk and we will get back to you with details. SUBMIT TICKET

Related Posts

LATEST CONTENT

09 January 2024
This release continues Joomla’s high standards in accessible web design, highlighting Joomla's values of inclusiveness, simplicity and security into an even mor...
15 November 2023
Work included Producing a staging environment, PHP and hosting re-configuration, MySQL upgrade from 5.6 to 8.0, removal of unnecessary code and Joomla extension...
28 October 2023
This is a commercial security release, 3.10.14-elts. The adjustments are: Backport of fix for CVE-2023-40626, "Core - Exposure of environment variables" Click o...

MOST POPULAR CONTENT

For promoting your brands, products or services, sharing news, or simply communicating with your site visitors we can produce branded fully responsive email templates....
Production of website logos from existing designs, optimise existing logos for website use, or design new logos for use on your website.
A new website design can be applied to an existing website, or a new website is created and existing databases, content and graphics are imported as required.

We provide remote on demand and routine Website Development, Website Maintenance, Website Support, Website Marketing and Website Hosting services to both end users and web design studios alike all over the world.

Block
Latest statistics.
1,0
Websites and Projects
12,0
Support Tickets
66,0
Ticket Replies

CONTACT US via our online form if you need help with your website or hosting, or wish to discuss a new project and need some advice and we will get back to you with the available options.