GDPR Compliance: How to Protect Your Business and Website

By: Anna Yates Tuesday May 21, 2019 comments Tags: website

In 2018, the General Data Protection Regulation came into effect. The law was enacted several years ago by the European Union (EU), and increased the regulations on online data collection and protection of all European Union citizens and European Economic Area (EEA) citizens. 

What's the run-down on the GDPR?

The GDPR covers a wide range of business processes and procedures. Even though there's no "one size fits all" answer to complying with the GDPR, here are some things you need to know:

• It protects the online data of all EU and EEA citizens.
• It applies to any organization from any country who processes the personal data of EU citizens.
• It fines GDPR violators up to €20 million or 4% of annual global turnover at the time of this writing.

That means that if your website is accessible in the EU and you're not complying with the GDPR, you could get stuck with a hefty fine.

Most of the GDPR requirements relate to internal company procedures that do not specifically relate to your website, CRM, or anything else that involves your AllProWebTools account. However, some requirements of the GDPR do involve your use of AllProWebTools. 

The following questions will help you understand what to do next:

1. Do you do business with anyone in the EU?
If you're a US-based company who only does business in the US, we recommend that you restrict access to your website so that your website is not accessible to anyone in the EU. Learn more about the AllProWebTools Access by Country feature and how it can increase your protection from the GDPR.

2. Have you consulted with your legal counsel to determine how to comply with the GDPR?
If you do business with any countries in the EU, we recommend that you talk with your legal counsel to decide on the right verbiage for your Terms of Service, Privacy Policy, and Cookies Disclaimer, as well as other measures that can protect you from the GDPR. 

Features to Help You Comply with the GDPR

SSL Certificates

SSL secures the connection between your website and your customer so no one else can see the information that's being sent. AllProWebTools offers free SSL certificates to its subscribers.

To access SSL certificates, you must be using AllProWebTools to host your website. Next, be sure you're using the AllProWebTools DNS service. To see how to set up DNS, watch this video:

Learn how to activate the SSL Certificate  WebTool in this video:

Terms of Service & Privacy Policy

After consulting with your legal counsel, you may need to change your Terms of Service or Privacy Policy to be GDPR compliant. Here's how to access and edit your Terms of Service and Privacy Policy in AllProWebTools:

Cookie Disclaimer

You may need a disclaimer on your website that lets visitors know you use cookies to collect data and allows them to consent to those cookies. To easily add a cookies disclaimer to your website, follow these instructions:

Right to be forgotten

When your customers request to be forgotten and have all their data erased from your systems, there is a special procedure.  This process is completely un-recoverable - so it can only be performed by the owner of the AllProWebTools account.

1. Find the customer's CRM record.
2. At the top right, click on the "more" button.  You will see a dropdown and the last option will say "GDPR Delete".
3. The next screen will ask you to confirm.

 

Data breach response

If AllProWebTools becomes aware of a data breach of our services, we will notify the affected customers without undue delay. Read our full Privacy Policy to see all of our policies.

We hope these tips have helped you understand the GDPR and how you can comply with it. Non-compliance with the GDPR can be costly even for American companies, but with AllProWebTools, you have the tools you need to protect yourself!