What is GDPR and how it will influence your business

General data protection regulation
  • Dec 5, 2017


Are you wondering whether the upcoming GDPR legislation will have any impact on how you collect customer data? We have to warn you: it certainly will.

This is the most rigorous data privacy law ever introduced. It will affect all businesses dealing with customers within the European Union, not only EU-based companies. This law is scheduled to enter into force on May 25, 2018. If you want to avoid large fines (in some cases up to 4% of your company’s annual turnover or 20 million euros, whichever is greater), it’s time to adapt your data processing policy to EU requirements.

GDPR compliance pro

The wait is over!

Finally, we have the unique GDPR Compliance Pro module.

If your company has an EU presence or sales in the EU, it must comply with the GDPR. At this time we are the only company that has a true solution to the regulations brought by the new law. Do not miss this module! It is very important for you to have a solution in place by May 25, 2018. Our module helps you comply with the new regulation while assuring your customers that you are serious about handling and protecting their personal data.

Find out more about the GDPR Compliance Pro module

What are personal data?

Any information relating to an identified or identifiable individual. An identifiable individual is one that can be identified, directly or indirectly, particularly by reference to an identifier, such as a name, an identification number or a location.

GDPR treats online identifiers and location data as personal data, so it requires that they be protected in the same way as other identifiers, such as information about a person’s genetic, economic or psychological identity. Cookies count as online identifiers as well!

GDPR affirms that all cookies may be considered personal data if there is the potential to use them to identify a person.

Basic GDPR rules

A person must receive accurate information about all relevant aspects, such as the type of data to be collected or processed and for what purpose. Consent is necessary for the processing of particularly sensitive data.

  • The right to be forgotten.
    All subjects have the right to withdraw their data from a database upon request.
  • Sanctions.
    Violation of the law may result in fines up to 20 million euros.
  • If you break the law.
    The data operator must inform users within 72 hours of a data breach or hacking.
  • Parental consent.
    Companies cannot collect data from children under 16 without verifiable parental consent.
  • Data Protection Officer.
    If a company manages a large amount of sensitive data, it will be required to appoint a data protection officer.
  • The request must be easy to understand.
    The request for user consent to data processing must be made in an easily accessible written form, in simple language.

From now on, you will need your users’ consent. Once the new law enters into force, you will need to provide users with a clear, informative and unambiguous way to express their consent to the processing of personal data.

GDPR gives many indications of what best practices for web analytics should look like. We will try to summarize them for you and present them as steps you can follow to prepare your web analytics for the upcoming legislation.

Justify and describe each purpose for which you use personal data collected from your users. Most likely, sites that use different types of cookies for different purposes will need to obtain consent for each purpose. How do you do this? We encourage you to list them all in the Privacy Policy section of your website so that users can get acquainted with them when they visit your site. When processing has multiple purposes, consent should be given for all of them. If the user’s consent is to be given following a request by electronic means, the request must be clear, concise and not unnecessarily disruptive to the use of the service for which it is provided.

Think about how you communicate with your users through the Privacy Policy published on your website. The new regulation will forbid you from writing a message in a way that will not be understood. After all, we cannot speak of true consent when visitors do not know what they are signing up for. This law requires that any information addressed to the public or to a person be concise, easily accessible and easy to understand, and that it use clear and simple language.

Your visitors should be able to opt out at any time. Even after you have obtained valid consent from a visitor, you must provide an easy way for them to change their mind. It should be as easy to withdraw consent as it is to give it. The person concerned has the right to withdraw his or her consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal. Before giving consent, the data subject must be informed of this.

What you need to know now is that the decision on how to apply these rules and respond to your users’ requests is up to you. But it goes without saying that the best web analytics service provider should assist in fulfilling the obligations that GDPR will impose.

How do you find out whether your business partner is paying attention and is properly prepared for the upcoming legislation? We advise you to contact your web analytics vendor and check how they will address this issue. If they cannot answer your questions, it’s time to think about finding another solution.

It’s time to act now!

GDPR will impact both data controllers (e.g., a company) and data processors (e.g., a cloud provider). It was created to act in the interest of the individuals concerned (for example, clients or visitors to your site). The new regulations concern not only European companies that work with personal data, but also any non-EU company wishing to offer its services to customers in Europe. Their privacy policy must be based on the new conditions presented by the European Commission.

Do not forget about the module that can help you: Compliance Pro!
