General Data Protection Regulation

Is your website compliant?

What is GDPR?

It is the new European regulation on the protection of personal data, which comes into force on May 25th. Its aim is to protect citizens who give their consent to the processing of their personal data and to regulate privacy management across the member states of the Union.

The consent given by your website's users must be informed and explicit: visitors must actively confirm that they wish to consent to the processing of their personal data. Furthermore, the website must display a Privacy Policy stating what data will be collected and stored, by whom, and for how long. Visitors must also be able to deny or modify their consent to the processing of personal data at any time.

Personal data is any information relating to a natural person, such as their name, photo, email address, bank details, home address, or IP address. Data processing is any operation performed on such data, including storing IP addresses via cookies. When cookies process personally identifiable data, those cookies fall under the new European GDPR. For example, if Google Analytics is used without masking the IP address, the Analytics cookies on the website store visitors' IP addresses. This means that users' personal data is being processed, and the website must meet all the obligations set out in the new European General Data Protection Regulation regarding third-party services that place cookies on visitors' browsers while they browse your website.

Is your website compliant with the new European legislation?

The verification covers a variety of aspects, which vary according to the type of website.
In summary, it is necessary to:

  • Perform a review of all personal data collected
  • Update the privacy policy
  • Make the choice of whether or not to use cookies explicit
  • Create opt-in processes such as when registering on the site or subscribing to the newsletter
  • Make consent to the processing of personal data mandatory when filling out forms and/or registering
  • Keep track of the consents acquired in a log file
  • Make it possible to manage and/or delete personal data immediately
  • Ensure an adequate level of encryption on the data physically present on the disk and on the information in the databases
  • Check that no form checkbox is pre-ticked by default: the user must actively confirm that the information is to be sent
  • Enable a procedure that guarantees data portability
  • Record and monitor administrator and webmaster system logs

Is it necessary to adapt?

Failure to comply may result in a fine of up to 20 million euros or 4% of annual global turnover, whichever is higher.
