GDPR explained: what, why, & how

A handy guide to understanding GDPR and your FreshySites website.

What is GDPR?

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The law aims to give citizens more control over their data and to create a uniformity of rules to enforce across the continent.

Here are some of the key standards under the new regulation:

Obtaining consent

Your terms of consent must be clear. This means that you can’t stuff your terms and conditions with complex language designed to confuse your users. Consent must be easily given and freely withdrawn at any time.

Timely breach notification

If a security breach occurs, you have 72 hours to report the data breach to both your customers and any data controllers, if your company is large enough to require a GDPR data controller. Failure to report breaches within this timeframe will lead to fines.

Right to data access

If your users request their existing data profile, you must be able to serve them with a fully detailed and free electronic copy of the data you’ve collected about them. This report must also include the various ways you’re using their information.

Right to be forgotten

This is also known as the right to data deletion. Once the original purpose or use of the customer data has been realized, your customers have the right to request that you totally erase their personal data.

Data portability

This gives users rights to their own data. They must be able to obtain their data from you and reuse that same data in different environments outside of your company.

Privacy by design

This section of GDPR requires companies to design their systems with the proper security protocols in place from the start. Failure to design your systems of data collection the right way will result in a fine.

Potential data protection officers

In some cases, your company may need to appoint a data protection officer (DPO). Whether or not you need an officer depends upon the size of your company and at what level you currently process and collect data.

Are FreshySites websites GDPR compliant?

  • FreshySites LLC is owned and operated in the United States and does not by default build in GDPR compliance.
  • FreshySites’ clients are solely responsible for their website and data compliance with GDPR standards.

Can FreshySites help our website become GDPR compliant?

  • FreshySites can assist in this process through a series of alterations to a client’s website and an additional scope of work.
  • Please reach out to [email protected] if you are interested and we can discuss what it would take to bring your site up to this new EU standard!

A quick legal note

While FreshySites is able to help with these compliance standards, as always, all client website information, data, etc. is fully and solely owned by the client organization. FreshySites LLC does not own any client content, data, etc. and is not responsible for any compliance or standards imposed on the same, including GDPR.
