GDPR, Privacy and Your Website

 
 

Yep - the GDPR is really happening - you can't put it off any longer.

A new law called the General Data Protection Regulation (GDPR) comes into effect on May 25, 2018, and it's the biggest overhaul of privacy regulations in 20 years. These new rules aim to regulate how businesses collect, use and process data from EU citizens, and if you have a website - that means you!

Consent is a key part of the new legislation and it is important for any website that collects personal data - for whatever reason - to obtain specific permission to use it in the course of their business. Visitors to your website must understand exactly how you are planning on using their data and must agree to each specific purpose. For example, if you have someone's email address because they have placed an order with you, you are only allowed to market to them if they have explicitly agreed to this.

Although it is unlikely small businesses like ours would be fined, privacy matters - so it's time to get your site up to speed. It's a bit painful to go through, but once you're set up properly you can feel pretty proud of yourself, as a huge number of businesses are just sticking their heads in the sand.

If you have a Squarespace website, these are the main things you will have to update or check:

1. Update your Privacy Policy, Terms & Conditions
2. Amend any newsletter/email signups to include explicit consent
3. Enable your EU cookie banner notice, if you have not already

I am a web designer not a lawyer, so do your due diligence if you want to protect yourself!

Google Analytics is used to track user behaviour; however, it has always been an anonymous tracking system, so there is no 'personal data' being collected and it is apparently not affected by the new rules. Read more here: privacy.google.com/businesses/compliance

Mailchimp
https://blog.mailchimp.com/gdpr-tools-from-mailchimp/
https://kb.mailchimp.com/accounts/management/collect-consent-with-gdpr-forms

General GDPR Guidelines, Information & Privacy Resources

www.ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

http://www.bbc.co.uk/news/technology-43657546

https://blog.varonis.com/gdpr-requirements-list-in-plain-english/

https://www.website-contracts.co.uk/

https://termsfeed.com/privacy-policy/generator/

https://privacypolicies.com/privacy/edit/2nxVbw

https://digital.com/blog/best-privacy-policy-generators/

 

Emma George