What does GDPR mean for your website? - SOS Creativity Web Design Bolton +44(0)161 327 0427

What does GDPR mean for your website?

GDPR front cover

The way in which we store, gather and share information is about to change. Businesses across the world are having to review and adjust their processes, and it’s no different for YOU reading this right now. It’s time to take note of GDPR and to action a plan to respect and obey it.

Our main focus is on how GDPR will affect your website. But to affirm an understanding of how GDPR will affect you and your website, you must firstly understand what GDPR is.



What is GDPR?

GDPR stands for General Data Protection Regulation, which is a standardised EU legislation, which comes into force (a date for your diary!) 25th May 2018.

The General Data Protection Regulation applies to every company that processes data of EU citizens. This essentially means if your business comes into contact with people in Europe and you store their private data, then you will have to respect GDPR. It’s a non-negotiable regulation, which means companies are not able to opt out of it.

brochure website question


Why has GDPR been introduced?

The new regulation has been introduced to increase security of people’s private information – which essentially covers the way in which private data is collected online.

If GDPR was a person coming to knock on your door to make you aware of it, then they would say something along the lines of, “You can continue to offer and provide your services or products to customers who are EU citizens, but you must look after their personal data safely and efficiently. If you don’t, there will be consequences!”

These regulations must be respected. It’s an extremely serious matter which should not be frowned upon, but be embraced. If any business decides to ignore the regulation, then they will be disciplined for failing to comply.



The Three S’s of GDPR

The regulation’s main focus is on the way in which businesses Source, Store and Share private data. We are calling it The Three S’s of GDPR!


What does it mean for websites and other digital entities?

Anyone that collects and processes personal data will be expected to comply by the regulations – this points to websites and other apps too. But on top of that, it includes organisations that use internal databases, CRMs and even emails.

When focussing on how GDPR affects websites, there are three things marketing departments and website owners need to think about when it comes to gathering information online:

  • The way in which you are gathering targeted data.
  • Are you giving users control over their data?
  • Do you provide clear and optional choices when it comes to you gaining permission to store their private data?

Gathering data from a user on your website should be conducted fairly, transparently and correctly under GDPR. Typically, the kind of information you want from a user is their contact information. Whether this is a name, email address and/or contact number, it should be done in a purposeful and meaningful way.

information online

Gathering information online

There are all kinds of cyber-crimes happening online. It’s a big and scary place, and that’s why GDPR will help ensure people’s information is much safer. It’s very common for websites to ask their site visitors and customers for additional information and private data. Under GDPR, this should only be completed when a company can demonstrate the reason for requiring such data.


Site visitor & customer rights

It should be the case anyway, but site visitors and customers should have access to their details. This can be done simply through a link to their account; which would allow them to follow the link, review & change their address or contact details, or even completely remove the information all together.

In the past, users have struggled with the process of unsubscribing from various websites, marketing emails or text messages. The ability to unsubscribe now must be readily available to customers; they shouldn’t need to jump through hoops to be erased from a system.

GDPR means the power is back with the customer!


Complete transparency

Transparency is very much a key introduction for the new regulation. When a website gathers a customer’s details, it should always be consensual. It must be completely clear for a customer to choose between signing up for something or not, subscribing or not and receiving emails or not. If it’s not clear, then you are failing to comply with the regulations and you will be punished.

‘Assuming’ is no longer an excuse, clear agreement (and evidence of this) from the site visitor or customer is essential.


What can be done now?

Well it’s simple, you need to learn and understand GDPR entirely and then apply the knowledge to your own website, process and entire business. It doesn’t matter where you are geographically located, as long as you are appealing to EU citizens, you will need to comply.

It’s pivotal for site owners and marketers to complete thorough clean ups of data and to store lists in CRM systems. The underlying fact is data can’t be stored on spreadsheets and documents that are accessible to an entire organisation. Using compliance software, data management systems and CRM systems will ensure that the stored data you have is not insecure or going against GDPR.


Basic GDPR Checklist

Below are some important tasks to be considered on your road to becoming GDPR compliant.


Task Personnel Status Date
Privacy Policy
Cookie Policy
Opt-in Process
Opt-out Process
Website Security & Encryption
Database Clean-up



Spread the word about GDPR

GDPR is a big deal, and it’s vital that you spread the word to fellow website and business owners out there. Share this information we have provided to you today and apply this knowledge to your own site and business. If you’re not sure where to begin, we’re available on +44 (0) 161 327 0427 and via email: info@soscreativity.co.uk



This article does not constitute a recommendation for your company or professional advice. These are only the parts of the GDPR that may require changes to your website or it’s design. There are many other components to the GDPR not listed here that may be applicable to you, these can be found on the Information Commissioner’s Office website. We take no responsibility for actions taken as a result of this article.