How do I make my website GDPR Compliant?

GDPR applies to anyone who collects, records, organizes, stores, or performs any operation on data for citizens of the European Union.

Where it goes: 

GDPR standards need to be met throughout the site. Antenna will implement GDPR Best Practices on the website as instructed by the Client (either within the website project contract or in addition to).

Best Practices: 

EU General Data Protection Regulation (GDPR) key components:

  • Cookie & privacy popup notice
  • Privacy Policy 
  • SSL Certificate
  • Ensure all web forms do not have hidden email marketing subscriptions
  • Users’ personal and account data is stored and retrieved using encryption
  • Forms: any form that has a checkbox to subscribe can not be pre-checked or hidden

Antenna’s Involvement: 

Antenna may recommend to the Client to implement the best practice of the GDPR law, in whole or in part, based on our general understanding of what is required and appropriateness for your business. Ultimately, it is up to the Client to decide if and what updates to the website should be made (see disclaimer below) and then Antenna will make the updates to the website (either as part of the original agreement or separate).

Antenna Disclaimer: 

Antenna does not accept any responsibility or liability that might occur directly or indirectly as a consequence of the client's site violating GDPR law. The above GDPR best practices are just suggestions and shall not be considered legal advice. It is the client’s sole responsibility to consult a lawyer to ensure that the website is compliant with the GDPR laws that apply to the client’s business.

Additional Resources

This "GDPR Explained" video will help you understand the meaning of GDPR, implications of GDPR, data activities included in GDPR, email marketing & GDPR and audit & review GDPR. GDPR( General Data Protection Regulation) is the European union's new privacy law that came into effect on May 25, 2018. GDPR applies to anyone who collects, records, organizes, stores or performs any operations on data. The purpose of this law is to create consistent and enforceable legal requirements to protect the right of any EU citizen privacy and security of their personal data. This new regulation applies to the data of all EU citizens, irrespective of where the data is stored or sent to. Now, let us get started and understand GDPR in detail.