The Blog

Preparing for the General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)Obligatory disclaimer: we are web designers, not lawyers – so what follows does not represent legal advice. If you require legal advice, always consult a qualified legal expert. The objective of this post is to raise awareness of the forthcoming implementation of the General Data Protection Regulation (GDPR) and to provide an introduction to the regulation.

By 25th May 2018 all EU businesses will be required to comply with the General Data Protection Regulation (GDPR). This new legislation supersedes the requirements of the Data Protection Act 1998 and has been designed by the EU to strengthen individuals’ rights regarding the collection, use and storage of their personal data.

Note that the planned exit of the UK from the EU (Brexit) is largely irrelevant as the UK Government has announced that the regulation will be brought into UK law.

GDPR is mainly concerned with the collection of data by your business – plus its storage, security and management. It also calls for complete transparency about the data you collect. Many of the issues to be tackled relate primarily to the personal data your business stores (in all capacities); the activities of your website are only one aspect of the regulation.

Your website is expected to supply a privacy policy which explains the data you store, how the data is used, where it is stored and for how long. Privacy policies will often include information about any ‘cookies’ your website uses too (see Should your website display a cookie consent notice?).

Forms and mailing lists

Form opt-in tick boxMany websites use online forms to collect data and to invite users to sign up to mailing lists. If someone contacts you through your website with an enquiry, this doesn’t give you permission to add them to your email marketing list; explicit permission is now required.

Forms should use ‘Active Opt-in’ options for mailing list sign-ups (and similar). In other words, a tick box for the user to be added to your mailing list should NOT be ticked by default. The user needs to actively tick the relevant box, if they wish to be added.

If you operate mailing lists (and any other data collection methods) which use third-party suppliers (e.g. MailChimp), it is your responsibility to ensure that they also comply with the regulation. The same rules apply to your own in-house contacts and mailing lists.

Further Information

A wealth of information is available from the Information Commissioner’s Office who will regulate compliance with the GDPR in the UK. A full guide to GDPR is available at their website and you can request printed publications of the guides and associated advisory information.

Preparing a privacy policyPreparing a Privacy Policy

For many website owners, in addition to addressing the internal requirements for data collection and storage, offering a privacy policy to users (either as a web page or PDF document) will be of prime importance.

Whilst your web designer will be able to assist you with the technicalities of displaying the information, the content of the policy will normally be composed by the website owner, with professional legal assistance where necessary.

Legalo Legal, Suffolk

Legalo ( are UK-specialists when it comes to making sure employers and businesses operate legally. It can be difficult knowing what your responsibilities are, and feeling confident with them. This concern can now be easily rectified.

Based in Suffolk, Legalo are offering all of our clients free templates that you might need in order to meet your responsibilities. These templates cover all of the elements that affect the vast majority of UK businesses. They take away the stress and concern, and get you web legal, quickly.

This is great news for our clients because whilst we’re the design wizards, Legalo are legal pros. Therefore, you now get the best of both worlds. We believe Legalo have made a tricky problem considerably easier for our clients. You have peace of mind, a great looking and functioning website with the legal bases covered too. Areas covered by the easy-to-use templates include cookie notifications, privacy rights, and terms of use – all of which you may need.

In addition to these handy web tools, Legalo are also giving away free disclaimers for your business emails – don’t miss out, find out more about what Legalo can do to make you web legal today by clicking here:

Scroll Up