Ensure you are complying with GDPR Regulations
The new regulations came into force in May 2018, so pre-existing businesses and organisations should have this issue covered by now.
But what if you recently established your business or organisation?
Or you have since re-launched your website?
Did you know that non-compliance runs the risk of incurring financial penalties?
You should periodically review your business or organisation and its website to ensure it is complying with the Data Protection Regulations (GDPR) when interacting with stakeholders, including customers, suppliers, employees and website visitors.
We periodically undertake a review in four key areas.
1) Data storage
Encryption of computer equipment used to store stakeholder data.
Backing up of stakeholder data.
Encryption of communications with stakeholders.
Explicit consent from stakeholders for the data to be collected, for how long it will be stored and for what purpose it will be used.
Reference to GDPR in contracts with stakeholders (especially customers and suppliers), for example, Terms of Service and Service Level Agreements.
What practical steps might you take?
The steps you take are for you to decide.
These are the steps we took following the release of the GDPR Regulations.
1) We audited our data storage, communications, process of gaining consent from stakeholders and contracts with stakeholders (any Terms of Service which exist).
2) We focused on interactions with stakeholders to identify who, what, when and where we interacted, and how we did so.
3) We identified the minimum amount of data that we needed to collect and store for each group of stakeholders to ensure service levels could be maintained.
4) We drew up a plan of action to implement the necessary changes we needed to make in order to comply with GDPR.
5) And back in 2018 we updated our website to Joomla! v3.9 'Privacy Tool Suite'.
Joomla! and GDPR
The Joomla! Project addressed the requirements for website owners to comply with GDPR when they launched Joomla! 3.9 in 2018.
The release was called the 'Privacy Tool Suite' to highlight this fact, and it included several new privacy protection features.
It did not, however, include a Cookie Bar Module, but there are several free 3rd-party extensions available that you may wish to use.
We found the article at the following link to be useful when reviewing how we could ensure we comply with GDPR.
It helped answer two key questions:
- how does GDPR affect us?
- what practical steps might we take to comply?
We also found the advice offered by FreeAgent at the following link to be very useful.
Note: the link includes our referrer code which entitles you to 10% off your FreeAgent subscription (this year and every subsequent year).