GDPR is ambiguous enough that the folks who wrote it are themselves still hoping to understand its far-reaching implications.
Chances are, you're not compliant. The reality is that you're not alone (a recent report shows that 60% of companies are likely to miss the deadline). Unfortunately, ignorance won't save you.
What is GDPR?
GDPR is a broad European Union data and privacy protection law that strictly regulates how you can interact with EU visitors' information. Every bit of data usage and collection must be thoroughly documented and transparent to the user.
But I am US-based and I don't market or sell to Europe…
It doesn't matter, so long as EU visitors can access your website.
Why you need to care
The penalty for noncompliance is "up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher." The Googles and Facebooks of the world are the obvious targets, but internet ambulance-chasers and class action lawyers will be on the tails of SMBs.
How you can become compliant with GDPR
Block EU traffic
A simple solution if you don’t market or sell to EU visitors. Present users with a landing page that requires them to select their country, or block all traffic that originates from EU countries.

Add a cookie policy message
With the implementation of GDPR, the “cookie message” has become ubiquitous on the web. Add a short notice on all your pages that requires acceptance by users to be sure they are aware of what information you track.

Manage email opt-in data
GDPR is retroactive and pertains to all data you keep on prospects and customers, including email lists. Run an opt-in campaign to be sure that you have permission to email your contacts.

Implement a full suite cookie manager
Go beyond a basic message and give visitors full control of their website experience by allowing them to enable or disable individual cookies or groups of cookies.

Update forms to require opt-in
Get explicit opt-in from users when collecting their information by requiring them to confirm that they have read and agree to your website terms.

Other custom website solutions
Do you have unique organizational policies to satisfy GDPR requirements? Contact us to see if we can help.

We are not lawyers and this does not constitute legal advice. These are guidelines for website best practices to become compliant with GDPR and not a substitute for obtaining professional legal advice.