Let Us Grow Your Business
We offer a fully array of digital solutions tailored specifically to your company goals and objectives. Contact us Today.
In May of 2018 there was a significant change to net privacy law in the European Union. The GDPR was approved by the EU Parliament in April 2016 and the regulation is now being enforced. Organizations to be found in non-compliance, both inside and outside of the EU, may face heavy fines – enterprises found to be in violation of the provisions of the GDPR can be fined up to 4% of annual global revenue or 20 Million Euros, whichever is greater.
The GDPR regulates the gathering and storage of personally identifiable information (PII). PII is broadly defined as any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. Examples of PII include, but are not limited to:
Consent to gather PII must now be given in an intelligible, unambiguous, and easily accessible form, using plain language free of ‘fine print’ or legalese. The intent of the information gathering must also be clearly declared. Consent must be as easy to revoke as it was to give and consent must be explicit “Opt In” when related to sensitive PII – including most or all of the above examples.
The GDPR not only applies to organizations located within the EU but it also applies to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, EU data subjects. Collecting any regulated data from any EU data subject will invoke the GDPR, regardless of your enterprise’s country of origin or size. Fundamentally, if you or your company has a presence on the internet in the form of a website and if your company acquires personal data from individuals who reside or visit the EU (either physically or virtually though the use of EU servers) while or after accessing your website, then your company is subject to the provisions of the GDPR.
As a hedge against liability, this essentially means the GDPR applies to every publicly available website. The GDPR Requires strict compliance across broad areas, including:
For full details of GDPR visit the official GDPR website.
As an integral part of our clients’ digital marketing and web teams, Shore Digital provides an auditing service designed to determine an organization’s level of compliance in this key area of its website. While the GDPR is a broad and overreaching regulation that covers all aspects of your business operations, our audit will provide your compliance officer with actionable information focused on your website compliance.
In our Audit, we examine several key areas of Compliance, including:
Tangible items we check, include:
Contact Shore Digital today for a complimentary consultation.