Unless you have been hiding under a rock for the last few months, you may have heard of the new GDPR legislation coming in to force from the 25th May. The new regulation aims to protect your data privacy for all individuals within the EU and most businesses will need to take some form of action in order to avoid significant (legal) financial penalties.
Action required for your website
- Websites will need to contain a privacy policy which is visible from every page (normally the footer). Here is a template which can be amended for your business. Any third parties used to collect data will need to be disclosed within the section on ‘controlling your personal information’ (ie MailChimp).
- Ensure any existing terms of conditions policies mentioning usage of data is aligned with the updated privacy policy.
- Any website forms consenting to mailing lists must have a clear positive opt-in option (ie no pre-ticked boxes!).
- Existing mailing databases can be used, you may have seen many companies already sending out communications to stay opted in. The advice is to include a message similar to the following to existing subscribers.
In May 2018, the General Data Protection Regulation (GDPR) will come into effect. Respecting your data is important to us.
You are currently part of our database because you have signed up, enquired with, expressed an interest in, stayed with or visited us in the past. On that basis, we are assuming that there is legitimate interest for contacting you.
If you are happy with this and wish to continue receiving great offers direct to your inbox, you do not need to do anything. If you prefer to be removed from our list, please click the unsubscribe link below and if you change your mind, don’t worry, you can subscribe again on our website at any time.
An unsubscribe button must be presented below the message.
Note: This is intended to provide an overview of GDPR and is not a definitive statement of the law.
For a definitive guide, check out the Information Commissioner’s Office website.