This article regarding the GDPR (General Data Protection Regulations) of March 2018 should mainly be of interest to business owners, particularly where they have a website, and of course if they store and process data relating to private individuals. It is reproduced from a newsletter (with some editing) sent to All Tech Plus website customers in September 2018.
GDPR (General Data Protection Regulations) Introduction
You may have had a flurry of e-mails from your various e-mail business contacts regarding the GDPR (General Data Protection Regulations) which came legally into effect in March of 2018 and supercedes old data protection laws along with their specific requirements. The GDPR is much more comprehensive. It covers both the storing and processing of personally identifiable data as well as measures to protect someones privacy. For website owners, in terms of privacy, you need to allow your site visitors to reject the storing of cookies as well as informing which cookies are in use and for what purposes. In terms of personal data, this will depend on whether you capture names, e-mail addresses, addresses and so on – perhaps to facilitate an online shopping experience or newsletter. As with the older data protection laws, certain rights are afforded to individuals, which include but not limited to a right to correction and deletion of such data.
Is your website GDPR compliant?
Prevention and good user training are always key in situations like this. Your website at the time of development may simply have had a short privacy policy which may have met the basic terms of the legislation prior to the GDPR, the data protection act / LOPD.
The GDPR is a much more thorough approach to the whole idea of data protection and privacy, and is a legal requirement.
Even if you don’t collect personal information from your website, chances are your site uses cookies and it is your duty to inform site users and allow them to reject or decline the use of such.
For All Tech Plus website customers with Joomla website we recommend the GDPR plugin which whilst so ever your site remains hosted with us can be used on your site for free (please open a support ticket to have us install and allow you access to the component. If you haven’t registered for our support portal yet, you can do do here: https://all-tech-plus.com/support/get-support.html). You can then choose to configure and setup the component yourself or have All Tech Plus complete this for you – please contact us for a quotation as the labour time will vary dependent on what your site does for you (as a guide you should budget for between 1 and 2 hours labour at either our standard rate or for those with support plans at your support plan rate).
For those with WordPress based sites, please contact us by raising a ticket in the support portal – you can use the links above to register if you haven’t registered already, or to go the the login screen of the support portal.
More Information and Self Assessing.
There is a handy tool on the official Spanish data protection site – find the link as a button below, which is available also in English. You are asked a series of questions, it will then generate advice for you and some suitable text which you can use to form part of your compliance.
The main AGPD site can be found here: https://www.aepd.es/, although it appears only Castellano (Spanish) is available – you can always use Google translate. You may also need to register with them here, your uses of personal data:https://sedeagpd.gob.es – here you nominate who your data controller is. For most of us this appears to no longer be necessary as it was under the original provisions of the data protection act / LOPD.
You can use this link to help you generate your privacy policy if you wish (in English), this can be entered into the GDPR options of the Joomla plugin described in the previous section: https://www.freeprivacypolicy.com/