HERSTED HERTZ


Show your Visitors you are Serious - Why your Website Needs GDPR, Cookie, and Privacy Policy [updated 2023]

Disclaimer: This blog post contains information obtained online and serves as a general guide. For ensuring GDPR compliance, always consult with a legal professional.

I interviewed one of my business friends about the legal side of running a business. She told me there is a LOT of paperwork involved, such as the various permits that are required before a physical store can even be built. An online store is no different: before you can make your website live, you need to comply with the privacy rules required by law. Oh no, what? Yes, you read that right. Stuff like this is really not taught in school (unless your major is related to website building); for everyone else, it is simply not part of the curriculum.


That’s why today, I’ll give you a crash course about GDPR, Cookies, and Privacy Policies. Beware, don’t sleep on this. This is really important to ensure you won’t encounter legal problems in the future!


Introduction: What's GDPR, and Why Does it Matter?

GDPR, or General Data Protection Regulation, is a European law that came into force on May 25, 2018. It regulates how companies handle the personal data of people in the EU, irrespective of where the company is located. But you might be wondering, "I'm not from Europe, so why should I care?" Well, if your website aims to reach a global audience, understanding the rules that protect users in different countries is essential.

Now, let's dive into the essentials of GDPR compliance:


1. TERMS OF SERVICE

    Website terms of use are the rules visitors must follow to use your website. These typically include:

    • Company/website owner information

    • Registration requirements

    • Authorized content use

    • Rules against illegal or defamatory content

    • Liability disclaimers

    • Website availability details

    • VAT registration

    • Links to privacy and cookie policies

    You can either consult a lawyer or use a template for your terms of service. Platforms like Rocket Lawyer offer user-friendly templates.


2. PRIVACY POLICY

This is the core document you need to protect your visitors. A privacy policy explains what data you collect, how you use it, and how people can contact you about their data. It is important because it shows how you handle data across your business.

Personal data includes things like full name, birthday, contact details, and bank account details. Your privacy policy needs to make clear why you are collecting this confidential information.

As with the terms of service, you can use a template. I recommend the one from the ICO. The good news is that the ICO is a UK organization, and their template covers all the points needed to make your privacy policy GDPR compliant.

Again I’m not a lawyer (I am just a fan of HTGAWM) so please, take your time to consult a professional. 


Just a quick review, because I know the difference between Terms of Service and a Privacy Policy can be confusing.

Primarily, the Terms of Service are designed to protect you, and the Privacy Policy is designed to protect your clients. Before we look out for other people, we need to look out for ourselves first.

Where to place the Terms of Service and Privacy Policy notice?

  • Sign-in Pages

  • Footer Links

  • Cookies Banner

  • Sign-up Forms

  • Checkout Pages

  • Banner on your Landing Pages

3. COOKIES BANNER

Last time, I talked about Super Easy Ways to Customize your Website Cookies and Why you need it. In that blog post, I explained the basics of website cookies and how to layout one. Now I’ll talk about how to make your cookie banner GDPR compliant. 

Quick recap: for most people, cookies are a quick snack. On the internet, though, website cookies are the fastest way to collect information about your visitors. Details such as personal information, contact details, and log-in information are collected by your cookies.

You may have noticed that on some websites the cookie banner merely informs you that cookies are being used. It never actually asks for your consent. That is a big no-no: to make your cookies GDPR compliant, you need to ensure people actively opt in by clicking an "Accept" or "Okay" button, and no non-essential cookies are set before they do.

Again, you can consult a lawyer to construct a cookie policy, or just use a template from TermsFeed.

4. MARKETING CONSENT IS A MUST!

CHECKPOINT: This is a sign to organize your email.

Honestly, all those spam emails in my inbox are annoying, and I don't even know where they got my address. That's where GDPR saves the day by requiring every website to obtain each visitor's consent before emailing them (mind you, lots of companies complained about this, yikes!). To add people to your mailing list, you can use a newsletter block, a promotional pop-up, a form block, or the checkout process.

  • For Promotional Pop-up - Find it here: Marketing>Promotional Pop-Up

  • For Checkout Process  - Find it here: Commerce > Check out > Mailing Lists 

A few reminders:

  • People must not be forced to sign up for your newsletter in order to receive a freebie.

  • Your sign-up forms should be written in simple, direct language. They should specify precisely what a customer can expect from your newsletters.

  • A mailing list form should explain that a user can unsubscribe from mailings at any time.

  • Opt-in checkboxes are essential everywhere: mailing lists for different purposes, contact forms, application forms, etc. They must be unticked by default.
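To make the "opt in, don't just inform" rule from the cookie banner and mailing list sections concrete, here is an added example in plain JavaScript; it is not code from the original post or from Squarespace. The names createConsentStore, PURPOSES and the policy-version strings are my own assumptions, and wiring the store to real buttons and checkboxes is left to the site.

```javascript
// Hypothetical consent store (assumed names, not a Squarespace API).
// Every non-essential purpose starts denied: showing a banner, or the visitor
// simply continuing to browse, grants nothing.
const PURPOSES = ["analytics", "marketing-cookies", "newsletter"];

function createConsentStore(policyVersion) {
  // policyVersion: the version of the policy the visitor was (or will be) shown.
  const state = { version: policyVersion, decidedAt: null, granted: {} };
  for (const p of PURPOSES) state.granted[p] = false;
  const isGranted = (purpose) => state.granted[purpose] === true;

  return {
    // Record an explicit, affirmative choice: the "Accept" button or a
    // checkbox the visitor ticked themselves. Pre-ticked boxes must never call this.
    grant(purposes, now = Date.now()) {
      for (const p of purposes) {
        if (!PURPOSES.includes(p)) throw new Error(`unknown purpose: ${p}`);
        state.granted[p] = true;
      }
      state.decidedAt = now;
    },
    // Withdrawing (unsubscribe link, cookie settings) must be as easy as granting.
    withdraw(purpose, now = Date.now()) {
      state.granted[purpose] = false;
      state.decidedAt = now;
    },
    isGranted,
    // Run a side effect (set a tracking cookie, load analytics, add an address
    // to the mailing list) only when consent for that purpose exists.
    gate(purpose, action) {
      if (!isGranted(purpose)) return false;
      action();
      return true;
    },
    // Ask again when nothing has been decided yet or the policy text changed,
    // instead of silently reusing an old answer.
    needsPrompt(currentVersion) {
      return state.decidedAt === null || state.version !== currentVersion;
    },
    // Copy of the record for your own audit trail: what, when, under which policy.
    record() {
      return { ...state, granted: { ...state.granted } };
    },
  };
}
```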


Where to Store Data?

Ensuring data security is paramount. You can't simply keep sensitive information in an unprotected Excel sheet. GDPR compliance demands robust data security, so consider using GDPR-friendly platforms like Mailchimp or GetResponse.

Pro Tip: This is a simplified overview of GDPR compliance. For in-depth information on data security, IT policies, client and staff contracts, and more, refer to the ICO's GDPR Guide.

In a digital world where privacy matters, GDPR, cookie policies, and privacy agreements are your allies. Make the process easy and doable, and you'll build not only a strong website but also trust with your users. Don't let legal hurdles hold you back – ensure compliance and focus on growing your online presence.


Bonus content!

My take on this topic, GDPR is all about effort, but it’s really a plus!

In today's society, it's better to normalize recognizing consent and boundaries so that everyone is in a safe space. There is literally a lot to dig into in the online world, and sometimes it's scary not to know everything. That's why having privacy policies between people ensures that everyone's rights are acknowledged. Thank you for reading this far!


For more information, visit Squarespace.

