The General Data Protection Regulation (GDPR) is a European privacy law that is due to go into effect on May 25, 2018. The new regulation provides residents of the EU countries with the tools to control their personal data and ensures their privacy by protecting their personal data and rights.

The GDPR must be observed by everyone who processes personal data of residents of the EU countries (Article 3 of the GDPR). The GDPR states that personal data is any information related to an identified or identifiable individual (the data subject), based on which, directly or indirectly, an individual’s identity can be established. Thus, if your website collects personal data, and the personal data subject is a citizen of a member state of the European Union, you must ensure that your site complies with the requirements of the GDPR.

If you cannot say with certainty whether you process the personal data of at least one citizen of a member state of the European Union, ask yourself the following questions:

  • Are your services/products adapted to the languages of the EU countries?
  • Are your services/products sold in the local currencies of the EU countries?
  • Are your services/products offered on the national top-level domains of the countries of the European Union?

If your answer to at least one of the above questions is “yes”, you must comply with the requirements of the GDPR.

As a site owner, it is your responsibility to inform your visitors and customers about the way your site processes their personal data, so you should carefully study all the requirements of the GDPR and bring your site in line with them.

Take a look at our recommendations below so you know how to make your site GDPR-friendly.

The main document that confirms your compliance with the requirements of the GDPR is the privacy policy of your website. If you don’t have a privacy policy yet, it’s high time for you to consider creating it. The uKit website builder has the necessary tools for helping you create a privacy policy page for your site.

Navigate to the editing mode of the builder and go to Site Pages. Under the System tab, you can add a privacy policy page to your site and customize it to your needs.

In addition to this, all contact and newsletter forms, as well as pop-up windows on your website, now offer an “I agree to the terms of the User Agreement & Privacy Policy” checkbox option so that your customers can provide a confirmation that they consent to their data being processed.

We recommend that you draw up a clear and comprehensive privacy policy for your website in accordance with the requirements of the GDPR and the laws of your jurisdiction. That said, an important requirement is that the privacy policy be simple and presented in a form that is easily accessible to the personal data subject.

A privacy policy should contain the following provisions:

  • basis for the collection of personal information (usually the consent of the subject of personal data, but there are other legal grounds specified in paragraph 1 of Article 6 of the GDPR);
  • the rights of the personal data subject (listed in Articles 15-18 and 20 of the GDPR);
  • list of the personal information that you collect and its types;
  • purpose of collecting personal information;
  • cases in which you disclose users’ personal information to third parties;
  • how cookies and other technologies for the automated data collection are used on your website;
  • how subjects of personal data can withdraw their consent, change or delete their personal information that was collected by you;
  • procedure for updating your privacy policy;
  • your contact details for communication and questions.

Unfortunately, we are unable to give more detailed guidelines on the provisions your privacy policy should contain because this document requires an individual approach for each site.

If you require any specific features on your website to meet the GDPR (notifications of using cookies, age confirmation, implementing the right to data transfer, etc.), feel free to contact the uKit Support Team and we will help you find a suitable solution.

Some general recommendations on compliance with the GDPR:

  • Check that your site and the organizational measures you have taken comply with the GDPR requirements
  • Do not process data for a longer period than necessary for the objectives stated in the privacy policy
  • Follow the principles set forth in paragraph 1, Article 5 of the GDPR, including the principle of data minimization, i.e. avoid collecting information which is not necessary for providing services/offering goods
  • Promptly respond to all customers’ requests concerning their personal data
  • Obtain explicit consent to the processing of personal data by using the checkbox form
  • If you are based outside the territory of the EU countries, you should appoint a representative in the European Union

To be fully prepared for the GDPR requirements, we recommend that you read the full text of the GDPR, and seek legal advice from qualified specialists in the country of your jurisdiction.

Here you can find useful information about how to bring your site in line with the GDPR.

If you have any additional questions, comments or suggestions on how to improve our service in relation to the GDPR requirements, please contact the uKit Support Team.

We also want to let you know that we made some important updates to our Privacy Policy. We added detailed explanations about what information we collect, what we do with it, and how we make sure that information stays safe and private. Please take a moment to review our updated Privacy Policy here.
