
What is GDPR? And why you should make your website GDPR compliant.

William Bacchus

Published: 06/01/2023

Last updated: 16/03/2023

What is the General Data Protection Regulation for Australia

Nowadays, security is at the core of everything we do on the internet. Websites are monitored constantly for security threats so that owners and visitors stay safe while browsing. In response to past threats, governments and international organizations have introduced laws to protect people. One of the most recent, and most important, of these laws is the GDPR. When confronted with legal jargon and terms such as GDPR, it’s easy to feel intimidated. This blog will clearly explain what GDPR is, who it applies to, and the actions your website should take immediately to avoid fines, lawsuits, and other dangers.

What is GDPR?

The General Data Protection Regulation (GDPR) is a newly instated data privacy law in the EU. This law affects any website that collects data on EU citizens, so even if you run an American website, this EU law could easily apply to you. That makes the law even more important when you consider the size of the EU and the likelihood that your website will have visitors from there. The law was put in place to protect the online privacy of all EU citizens. Its main focus is how websites collect personal data from their visitors.

Here are some of the most important points covered in the GDPR law that apply to and will affect websites:

  • Websites must clearly disclose that they are collecting personal data from visitors.
  • Businesses need to explain to visitors why they are collecting personal data, how they are collecting and storing it, where it is stored and how it is processed.
  • Any visitor has the right to ask for a copy of their personal data.
  • Under some circumstances, visitors are able to ask for their personal data to be erased.
  • Businesses (and business websites) that have ‘core activities’ that are reliant on collecting personal data need to employ a data protection officer. Furthermore, in case of serious breaches of information, businesses must report these within 72 hours of the breach.
  • Those who violate GDPR laws can be fined up to €20 million or 4% of the global annual turnover.

Why is GDPR needed?

You may find yourself asking why these laws are in place, or why they were needed. The regulation came into effect in May 2018. It was introduced to protect people and internet users against data breaches. The majority of WordPress websites collect information about their visitors, and they can do this in many different ways. For example, if your site uses Google Analytics, WordPress forms, or email marketing, then you are collecting personal information.

As a website owner, your biggest obligation is to gain consent from your visitors. The GDPR states that you must gain explicit consent from EU visitors before you collect and process their personal data. If you don’t gain this consent, you legally cannot share that information with any of your advertising or remarketing accounts.

How can I make my website GDPR compliant?

Now that you understand what GDPR is, it’s time to apply your newly-found knowledge and ensure that your website complies with GDPR requirements. Before we get started with this, there are a couple of things you’ll want to do:

  • Consult legal advice: When you’re dealing with important and risky information like this, it is never a bad idea to hire a lawyer with GDPR experience. They will be able to help you by showing you what needs to be changed on your site, and how you can make these improvements.
  • Identify data collection points within your website: To work out where GDPR applies on your website, go through every section of your site and note where you collect personal data from visitors. These can include checkouts, sign-up forms, login pages, and IP address logging. This also applies if you hold information on a membership-based website. It’s vital that you find the areas on your site where you need to gain consent.

Done with all of that? Excellent. Now let’s look at ways you can help to make your website GDPR compliant:

Update WordPress

Here at Elite, we love WordPress because of its many built-in privacy features, available in WordPress version 4.9.6 or higher. This is an easy and effective way to help make your website more GDPR compliant. The best part is you don’t even have to do anything about it! Just read the following about some of the most important features to develop your understanding:

The first major feature involves your comments section. In previous versions of WordPress, when a user commented, their name and details were automatically stored to save them re-entering those details the next time they commented. After this update, you will find a checkbox in the comment form that requests the visitor’s permission before saving their personal information.

There are also new features for exporting and erasing data. If you head to Tools, you will see two new entries: Export Personal Data and Erase Personal Data. These give you, as a site manager, an easier and more automated way to export personal data (conveniently as a .zip file) or permanently erase it.

One of the most useful new features, in our opinion, is the policy generator. This is a pre-written privacy policy template that you can easily apply to your own site. This is a great and easy way to direct visitors to a page that informs them of all the details regarding their personal data. If you navigate to Settings, then Privacy, you should be able to locate the policy generator.

You can also use plugins with built-in policy generators, such as CookieYes (but more on them later!).

From here, you can either add your own pre-existing privacy policy page or create a new one. Creating a new page generates content with privacy disclaimers and information. However, you will have to write the content for some sections yourself.

Further ways to make your website more GDPR compliant

It’s incredibly hard to cover everything you need to do for your website to be fully GDPR compliant, especially when you consider the uniqueness of every website and the different features many websites incorporate. So, we always suggest that you seek legal guidance. There are, however, some smaller changes you can make to push your website in the right direction – and we’ve collected them below:

HTTPS

Encrypting the traffic to your site can never be a bad thing. You can do this by installing an SSL certificate on your website, which changes your URL from HTTP to HTTPS. You can read about the key differences between HTTP and HTTPS, and why one is better than the other, here.

For the best SSL Certificates available, choose The Elite Web Co. From just $8.75 per month, you can own some of the best SSL and Security, all in one affordable package! If you’re looking to get the most out of your SSL certificates, you should download Really Simple SSL. It’s a WordPress plugin that helps to optimize your SSL certificate to its fullest potential – making your website as safe as possible.

Contact forms

Contact forms are one of the most common ways your website can collect data. With the GDPR, there are a few specific rules you need to include when asking for personal data, no matter what the form is asking. You must include a tickbox asking your customers for consent that they accept your terms and conditions. It is also very important that you include a secondary tickbox asking for consent so you can send them further marketing and other forms of communications.

To comply with the rules fully, you cannot pre-tick the box, as that does not count as ‘explicit consent’. If you’re worried about remembering all of this, you can download plugins such as WPForms and Contact Form 7 that will sort it out for you!
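As an added illustration of the two-checkbox consent model described above (this is example code written for this article, not code from WordPress, WPForms or Contact Form 7), the following WordPress-style handler renders both consent boxes unchecked and refuses to process a submission unless the visitor actively ticked the required box. The form field names and the `elite_example_` function names are assumptions; the WordPress helpers it calls (`wp_nonce_field`, `wp_verify_nonce`, `sanitize_email`, `sanitize_textarea_field`, `current_time`, `WP_Error`) are real.

```php
<?php
// Added example (not from the original post or any plugin): a minimal
// WordPress-style contact form handler that enforces explicit consent.
// Field names and function names are assumptions for this example.

// Render the form: both consent boxes are UNCHECKED by default, so a
// submission can only carry consent the visitor actively gave.
function elite_example_render_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'contact_form', 'contact_nonce' ); ?>
        <input type="email" name="email" required>
        <textarea name="message" required></textarea>
        <label><input type="checkbox" name="consent_terms" value="1">
            I agree to the privacy policy and terms (required)</label>
        <label><input type="checkbox" name="consent_marketing" value="1">
            Send me marketing emails (optional)</label>
        <button type="submit">Send</button>
    </form>
    <?php
}

// Validate on the server: the browser's checkbox state is not trusted,
// and a checkbox missing from POST simply means "no consent".
function elite_example_handle_submission( array $post ) {
    if ( ! isset( $post['contact_nonce'] )
        || ! wp_verify_nonce( $post['contact_nonce'], 'contact_form' ) ) {
        return new WP_Error( 'nonce', 'Invalid form submission.' );
    }
    if ( empty( $post['consent_terms'] ) ) {
        // No explicit consent: do not store or forward the data at all.
        return new WP_Error( 'consent', 'Consent is required to process your message.' );
    }
    return array(
        'email'             => sanitize_email( $post['email'] ?? '' ),
        'message'           => sanitize_textarea_field( $post['message'] ?? '' ),
        // Marketing consent is recorded separately and defaults to false,
        // so handling the message never implies permission to market.
        'consent_marketing' => ! empty( $post['consent_marketing'] ),
        // Record when consent was given so you can demonstrate it later.
        'consented_at'      => current_time( 'mysql', true ),
    );
}
```

Only the returned record should be stored or passed to a mailing list, and only entries with `consent_marketing` set to true belong on a marketing list.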

Cookies

Another thing you need to include is a cookie notice to let all your visitors know that you are using cookies. You can do this either by manually creating a banner or by using a cookie plugin. Elite recommends CookieYes, a plugin that goes above and beyond what your average cookie plugin does. It automatically scans your website for cookies and gives you cookie-based analytics based on the results. You can also customize and create your own cookie banner, helping you avoid a standard, pre-generated one. CookieYes also helps to keep your website GDPR compliant.

If you are using Google Ads on your website, then you must make your website Google compliant. This involves linking to Google’s Privacy and Terms from your Cookie Banner Notice.

Notifications

It’s always a good idea to let your customers know when you change or update your privacy policy. The easiest way is to send a notification to your subscribed customers via email. If you don’t already have an email campaign set up, it might be worth investing in one so you can contact your visitors as easily as possible.

Analytics

When talking about analytics, this also includes tracking and remarketing. However, this only applies to third-party platforms or plugins you use such as Google Analytics or MonsterInsights. If you don’t already use some kind of analytics software like the ones below, check out this article explaining why you need to add Google Analytics to your website.

To make these GDPR compliant, you need to anonymize your visitors’ data before you process and store it. For this, we recommend using a plugin to connect Google Analytics to your website. Plugins such as Analytify can help with this, and it’s fully GDPR compliant.

WooCommerce

If you run an online store, the chances are that you’ll be using WooCommerce. It’s one of the best and most convenient ways to manage online sales on a WordPress website, and it offers built-in resources to manage user privacy. In WooCommerce, navigate to Settings, then Accounts, then Privacy. From here you can enable personal data retention, and you should also turn on the options for erasure and for the privacy policy.

It’s incredibly important to disclose your privacy policy on any website, but especially on an online store. Customers feel much more secure making transactions when they know the business they are buying from puts their privacy first. If you run an online store, you must also ensure that it is PCI compliant; you can find more information about PCI compliance here.

If you don’t already have WooCommerce, why not purchase WooCommerce hosting? From just $40.65 per month, you’ll be able to manage your own online store with over 75 free extensions to help take your site to the next level!

To Conclude…

The GDPR may have seemed a scary term, and whilst it’s quite vast and complex, you should by now understand what it is and how it applies to everyone. If you feel that your website has a long way to go to become GDPR compliant, you should now know the first steps you need to take.

William Bacchus

Will joined the Elite team in 2021. He has a background in content writing as well as a keen interest in media journalism. His interests include taijutsu and an immense passion for film and television. He aims to inform as many people as he possibly can about the vast and often confusing nature of web design!
