Wrap up WebWelcome to Wrap up Web Client Billing and Support. From here you can read our help pages, view and pay your invoices, request assistance, maintain your billing information and more.

GDPR Beginners Guide

  • July 12, 2018
  • 0 Comments

What does GDPR stand for?

General Data Protection Regulation


When did it become a legal requirement in the UK?

It became a legal requirement under European Law in 23rd May 2018


What's it all about?

It generally gives anyone who has personal data about them stored in any format (electronic or paper) to have their data...

  • Deleted
  • Given to them
  • Amended
  • Rectified
  • Restricted from being used for any purpose other than its originally intended use
  • Moved

They also have the right to complain if they feel their Data is not being used correctly


As a business what do I have to do?

You have to have a Policy that demonstrates how you are satisfying the above requirements.


How many Policies do I need?

Only one but it has to cover all systems where personal data is collected. For example...

Website - Cookies, Forum/Message Board, Website Registration, Ecommerce/Shopping, Newsletter Subscription etc are all examples of where user data is collected

Your Own business - Customer list, Marketing list, Taxi collection, Contacts list, Spreadsheet/Databases with customer data, Sales system/Databases are all  examples of where user data is collected


IMPORTANT NOTE: Wrap up Web can help your business set up the correct Website Privacy Policy to ensure your website is in compliance with GDPR regulations. However, your business GDPR Policy is unique to your business and as such is not normally covered by the Wrap up Web scope of supply. Wrap up Web recommend the use of a business GDPR expert or third party advice to ensure your non website user data systems are in compliance with current GDPR regulation requirements. 


What is a Website Cookie? 

A Cookie is a small snippet of data that a browser such as Google Chrome creates and stores when you visit a website. This typically contains user data such as 

  • Location data
  • Login username & password data(so you dont have to login again next time)
  • Website Interaction tracking data (did you see a particular message or click a particular link for example)


Some examples of Website Cookies that you might need to declare on your website

  • Username & Password remember(Browser)
  • Google Analytics
  • Website Analytics
  • AddThis(Social Media Sharing
  • Google Ads
  • YouTube


How does that impact on a website?

A website comes in two flavours when it comes to GDPR

  1. It collects user data and has browser cookies
  2. It does not collect user data and has browser cookies

If it does collect user data a website needs to clearly state what user data is collected, how that user data is used, for what purpose the user data is used and how and what type of browser cookies are used.

If it does NOT collect user data a website needs to clearly state that it does not collect user data and how and what type of browser cookies are used.


I collect user data on my website, what do I need to do to make my website GDPR compliant?

  1. You need to add a Privacy Policy page on your website that clearly states what user data is used etc as above
  2. You need to have a message that appears on the website asking users if they are ok with the website using Cookies and a link to your Privacy Policy page.


I DON'T collect user data on my website, what do I need to do to make my website GDPR compliant?

  1. You need to add a Privacy Policy page on your website that clearly states you do not collect user data
  2. You need to have a message that appears on the website asking users if they are ok with the website using Cookies and a link to your Privacy Policy page.


Is there a Privacy Pages template I can use to create my own Privacy page?

Below is a GDPR Privacy Policy template that can be used for any website. Simply copy it and adapt it on your website

http://jamieking.co.uk/blog/cyber-security/policies/download-free-sample-privacy-policy.php


Are there examples of existing Privacy Pages I can use to further help create my own Privacy page?

Those that collect user data

http://www.bolton.gov.uk/home/Pages/Copyrightdisclaimerandprivacy.aspx

https://www.wigan.gov.uk/SitePages/PrivacyPolicy.aspx

Those that do not

http://www.ecoshreduk.com/privacy-policy/


Some Privacy Policy pages are long and involved and others are short and sweet, which is correct?

As long as you cover the basis info below you will be satisfying the GDPR requirement

  • State who runs the website and its contact details so I user can instruct any data changes
  • State whether you do or do not store user Data
  • State the users individual rights
  • State how the user Data is used and for what purpose
  • State how a user can complain if they feel their data is not being used appropriately
  • State the website applications that collect user Data such as an online Newsletter feature(eg Mailochimp), Forum or Shopping cart and what user data is collected
  • State any other applications that collect user Data that are exclusive to your website such as a bespoke business directory and what user data is collected
  • State that when clicking on embedded Third Party Adverts(Google Ads for example), Sponsored Links Etc Cookies are used to collect third party Data (If applicabl)





FURTHER READING

* Please note this is meant to be a basic Guide to GPRS. Wrap up Web cannot take responsibility for any liability due to the use of, implementation or recommendation of its contents herein.

How helpful was this article to you?

Posting has been disabled.