GDPR Privacy Consent Management – What are your Obligations?
If you have a website it is almost certain you are affected…
By law you are now required to have a ‘consent management’ notice.
With the expansion of internet-based business over the past 20 years, laws have gradually been introduced in response to privacy concerns and the handling of client data.
The ePrivacy Directive, which arrived in 2002, and more recently the General Data Protection Regulation (GDPR) in 2018 have made consent management banners compulsory if your website gets visitors from the EU. These are regulated by the Privacy and Electronic Communications Regulations (PECR). Here is a detailed guide
So, when browsing websites, visitors expect to see a cookie pop-up or privacy notice requiring their consent. You probably find them as annoying as I do, but to comply with current regulations they are a necessity.
Apart from staying within the law, being compliant will make your website appear more credible. This can also protect website browsers from annoying spam emails.
What information does the notice and policy provide?
They inform visitors of your policy on data collection and handling. Some of the wording is standard and some is specific to the way your online presence collects and stores client data. So it’s important to have the right notice.
Here is an article which explains cookie consent best practices in more detail
What are the consequences of not having a cookie and privacy notice?
Apart from worrying about falling foul of the law and undermining website credibility, you can be fined up to 4% of annual turnover (up to 20 million euros) for failing to comply.
What are cookies anyway?
Cookies are text files containing small amounts of data, including a unique ID that identifies your computer to the website’s server. They improve your internet browsing experience and track, save and personalise information about your ‘session’ on the internet. These are stored on your computer by your web browser, so internet surfing sessions are ‘remembered’.
You can read more about cookies in detail here
Marketing uses and advantages of cookies
From the browser’s perspective, they help you navigate back to closed web pages and frequently visited sites. They can retain shopping-basket items for next time, and store your visitor preferences, as well as avoiding the need for repetitive website logging in.
When cookies can be dangerous
Data in cookies is not harmful and cookies cannot introduce viruses or malware. But deliberate cyberattacks can ‘hijack’ data from browsing sessions. Also, third-party cookies, generated by banner ads, for example, may let third-party advertisers or analytics companies track browsing sessions.
How you can control the browsing experience
While cookies will streamline and quicken your browsing experience, you can uncheck the ‘allow cookies’ box in your browser settings (usually in the ‘privacy’ section). But this may make internet surfing more difficult or laborious.
If your website links to your presence on social media or Google Analytics, then you will be using cookies. Additionally, the platform your website is built on (like WordPress, GoDaddy and Wix) will create cookies. So, it’s almost certain that you need a cookie notice. Emailing tools like Mailchimp already have their own GDPR consent forms but it’s important you are compliant across the board.
Probably not, but that isn’t the point. It is like the small print in a contract: it needs to be there to protect both parties.
Why it makes sense to set up your cookie and privacy notices using an expert
Companies specialising in this area can provide you with a one-stop platform for your cyber security and online compliance obligations, tailored to your business model. This ensures you have the correct legal notices. They are also on hand for ongoing advice as your business evolves and laws change. For example, the current directives will soon be replaced by the ePrivacy Regulation.
Meet the experts
Nadia Kadhim, CEO of Naq Cyber and a GDPR lawyer, states ‘it is critical that you have the right consent measures in place, backed up by legally sound policies, to not only comply with GDPR but also demonstrate to your customers that you take their privacy and security seriously.’
You can read her detailed article, “The ultimate guide to GDPR consent management for small businesses”, for a more in-depth explanation.
We can help you implement your consent management policy
Brilliant Little Business has made arrangements with the experts, Naq Cyber, to provide you a consent management pack (“The GDPR Starter Pack”) at preferential rates for our clients.
A simple questionnaire with easy-to-follow instructions will enable Naq Cyber to create the correct consent management platform for you. Brilliant Little Business will then incorporate it into your website.
Consent Management Pack
This consent management pack “GDPR Starter Pack” costs just £120 with ongoing management at £8 per month and includes:
• A data breach notification policy
• Implementation of a Usercentrics cookie banner
This is a crucial first step in protecting your business.
Advanced GDPR and Cyber Security Pack
To ensure your business is fully compliant with GDPR and for the peace of mind that your client data is protected from hackers and cybercrime, Naq Cyber offers a more comprehensive platform to larger businesses or those that have not yet implemented a strategy.
Please get in touch with us and we will arrange for Naq Cyber to speak with you about your specific requirements, even if you are unsure of what you need.