Start the new year right with legal advice from Jamieson Law. This month, Laura Unite gives an update on GDPR awareness, discussing why it’s so important and how to update your online presence to comply with its rules.
General Data Protection Regulation is an EU law governing data protection and privacy. The UK implemented GDPR into its own domestic law via the Data Protection Act 2018 and the EU retained law version of the General Data Protection Regulation (the name for GDPR in the UK after Brexit). GDPR is one of the toughest privacy security laws in the world. It has very strict rules and regulations relating to the collecting and processing of data in the EU, so as a business owner you NEED to be aware of it.
As a business owner with a website, you will be processing personal data for UK or EU citizens. Personal data means; emails, names, address, numbers etc. - anything that could identify an individual. It’s essential that you comply with GDPR regulations. If you don’t, you could end up with a huge fine.
To start off the new year, I’d suggest making a Data Protection Checklist to ensure that there’s nothing unaccounted for.
All websites need legal documents, such as, terms, privacy policy, cookies policy, cookies banner and a copyright notice. Your website documents should be prominent and accessible. The best place for the hyperlinks is the footer of each page so visitors can easily locate essential information.
Website terms
Website terms set your website ground rules and information visitors need to know about you. The terms don’t need to be long, provided you have all the legals covered.
Privacy and cookies policy
A privacy and cookies policy is a GDPR must! Within this policy, you’re telling visitors and your customers about the personal data you collect from them when they do such things as:
You’ll also need to explain why you collect personal data and what you do with it. There are six legal reasons for collecting personal data, and the most commonly relied on are that you need the personal data to fulfil your contract with them (i.e. complete the order), they have consented by contacting you, or it is in your legitimate interest to contact them with relevant goods or products. You should also add the contact details of your Data Protection Officer (if you have one) and confirm you’re registered with the Information Commissioner’s Office (ICO).
If you collect personal data of US citizens, you must be aware of Californian privacy rules, and also the developing laws within various states across the US, and reflect these within your privacy policy.
You should also set out your policy on cookies. Cookies are small text files placed on visitors’ devices when they visit your website so that they are remembered next time they visit. The purpose is to make a visitor’s experience more efficient and most websites collect these. Cookies can be used for targeted advertising via third party cookies. You need to be super careful of these and disclose to visitors if you use them. This is because they are collected by third parties, such as Google (via Google Ads) and Meta (via the Meta pixel). If you’re not sure, ask your marketing or website development team.
Cookies consent banner
As your website will use cookies, GDPR also requires you to include a cookies consent banner. This gives visitors the chance to reject cookies if they want to, although they may not receive the full website experience without cookies. If you don’t have a cookies consent banner, have a word with your website developer who could add this for you.
Your website footer should include a copyright notice: “Copyright © 2023 [company name]”. Be sure to update this to the current year and add a reminder to do this at the start of each year.
If you’d like more information on the above, hop on one of Jamieson Law’s free legal advice calls to ask your burning questions - calendly.com/jamiesonlaw
Jamieson Law help e-commerce businesses understand their legal obligations and try to make everything less daunting. This includes drafting website documents, fixed fee contract reviews and contract drafting services. If you could benefit from one-to-one advice, take advantage of their free 15-minute legal advice calls. You can book a slot here.