Its been 2 ywarss since the GDPR deadline, where anyone with a website had to upgrade their site to cover GDPR guidelines or risk heavy fines.
We have heard little news since about compliance, considering the hysteria that was being built up before the May 25 2019 deadline.
The biggest question we got asked was
“If our website (and business) isn’t compliant, would we get a warning and timeframe to get compliant or just a penalty?”
That was an answer that no one knew for sure and evening calling the ICO gave little answers. The result was companies getting compliant to avoid the worst case scenario. Even now over two months later, it is not clear what will happen to websites that are not compliant.
It would be very easy to write a simple piece of software that gives a list of all urls in the UK without an SSL certificate for example, or you can manually visit a website and know immediately what their status is by looking for the Green padlock in the top left of the browser.
The GDPR enforcement affected everyone, whether you ran a simple blog or were a fortune 500 company – anyone with an online presence was expected to make these changes or face heavy penalties.
Indeed, 90% of our clients welcomed us to upgrade their website, which is a time-consuming and costly activity that cannot be done in a day.
Compliance is at best going to take 2 – 3 days, once you factor in buying, validating and installing the certificate.
Writing the content for the Privacy Policy, Cookie Control, Terms and Conditions (Or buying the software that creates this for you.
Choosing the most suitable cookie pop up and customing where necessary.
And then creating the links on your footer that click through to the pages that need to be built.
Finally, any data being sent from an online form requires an opt-in from the user, allowing you to store their details.
Under the new regulations, users need to manually opt-in before they give you their details via an online form. The opt-in should also be accompanied by a Google Captcha for security.
It is not clear whether fines will be given immediately or whether a warning will be issued first and a timeframe given to get compliant or a direct fine.
As soon as we hear of any individual cases coming to light and the action taken we will let you know.
Until then, if you have the budget to get compliant its really worth doing it now as the regulations will not go away and browsers like Google Chrome are highlighting any websites without an SSL even more prominently with every browser update.