WordPress GDPR Compliance
What is GDPR and why is it important to you?
GDPR stands for General Data Protection Regulation. It is designed to streamline and simplify the data protection laws in Europe, that includes the UK. GDPR applies to you if you collect, store or use personal data from European citizens, including UK citizens.
So, what does GDPR actually mean for you?
Firstly the important bit: Companies who fail to comply with the GDPR could face fines of up to 20 million Euros or 4% of annual turnover, whichever is the greater.
- It provides EU citizens, again this includes the UK, more control over their personal data, allowing them to request access and ask for it to be deleted.
- All companies must:
- obtain specific consent to use of consumer’s data. Implied consent is no longer an option.
- provide full details of how the personal data will be handled and how long it will be held for.
- demonstrate GDPR compliance which will include maintaining written records of all data handling activities and implementing and maintaining a proactive approach to data protection.
- appoint Data Protection Officers (DPO) who will be responsible for regular monitoring of personal data.
- report a data protection breach, unless the data is encrypted and consequently unreadable or inaccessible, within 72 hours to report it to the ICO and to the consumers potentially affected.
- Consumers have a right to:
- have their personal data kept safe.
- complain if data is mishandled or misused.
- to know if their data has been hacked.
- be forgotten and the right to object to their data being used.
- Companies outside the EU which who wish to do business with consumers in the EU will be subject to GDPR.
I have developed a GDPR compliant framework for WordPress websites.
All new sites will be built on this framework. I can also apply my developments to existing WordPress website so that they meet with GDPR compliance standards.