A Quick Rundown on the GDPR Changes You Must Make to your Website

A Quick Rundown on the GDPR Changes You Must Make to your Website

Chhavi Firani 31/05/2018 7

The European Union’s pledge to make its citizens’ digital life much more secure and devoid of data breaches has brought GDPR or General Data Protection Regulations to existence.

They are a set of rules made for each website that serves content, service, or any other digital resources to people of EU. Their framework basically calls for reforms on how personal data is collected from citizens of EU and how it is handled by the website or service owner.

The enforcement came into existence on 25th of May, 2018, and has grappled the tech giants, Google and Facebook in lawsuits worth 8.8 billion already. They have been alleged to not comply with the guidelines “enough”.

This is a clear signal to everyone who has a digital asset, that they should make their privacy policy and other measures of collecting data GDPR compliant or face heavy monetary losses!

Here are a few General FAQ’s regarding GDPR:

My business and/or website is not located on the EU, am I exempt from GDPR?

No. Apparently, even if your business and/or website is not located in EU but affects the citizens of EU in some way (basically, exists on the internet), you are obliged to make the required compliances.

How does GDPR recognize personal data?

Moving beyond the present definitions of personal data such as age, name, email address, GDPR makes certain parameters like biometric information, genetic data and IP addresses also fall recognized as personal data.  

What are the penalties in non-compliance scenarios?

In case a company doesn’t comply with the regulations, they will be penalised depending upon how severe the misconduct under GDPR is. There could be a fine as greater as 20 million EUR or four percent of a companies annual turnover. It is a severe fine anyway if you are found not complying to the regulation and call small businesses a heavy loss of funds.

Gdpr - Important Compliance Changes To Be Made:   

Check Contact Form

If you have a contact form on your website for a purpose as simple as collecting an email address from the site visitor, you need to specify that you are collecting this email address for communications.

Specifying the same for contact numbers, and other form of contact information is necessary under GDPR. A simple example for stating it could be;

“We will be communicating with you with your submitted contact details”

In addition to this, a checkbox for taking user intent for distributing marketing emails, SMS, calls etc will be mandatory. If you want the user to subscribe to newsletters, they will agree by ticking the checkbox.

Ask for Email Opt-in Confirmation

If you have a newsletter service that sends out emails constantly to the list of subscribers who have voluntarily given you their email information to you, a confirmation of the same must be made by you.

If the subscribers have agreed to receive marketing emails from you before May 25, you will have to send out another email to everyone in which you shall obtain a confirmation that your subscribers still wish to receive marketing emails from you.

If the subscribers don’t confirm the same to you, they must be deemed as “unsubscribed” by you. Following on, you won’t be allowed to send any more emails to these subscribers.

The confirmation can be taken by simply sending out a web page link, clicking on which, the user will confirm that they want to maintain their newsletter subscription status.

Data Integrity Measures

Websites now strictly need to get a privacy policy in place if they don’t have one. Although this is a highly recommendable practice, now it will be seen with the light of legal obligation. If your website, by any chance, doesn’t have a Privacy policy in place, it’s time to get one ASAP.

For a much more detailed take on how your Privacy Policy should look like, you can refer to the guidelines by the ICO.

The use of HTTPS protocol for ensuring the integrity of the collected data is also a prime concern under GDPR. Website owners are expected to keep the data safe and in an encrypted format after collection from users.

For website owners who rely on 3rd party software such as Wordpress, MongoDB, MySQL and the like, need to ensure that the software providers themself comply with the GDPR laws.


In the nutshell, it can be said that if you’re going to collect data from your users, you will be liable to protect it and ensure that it doesn’t fall into the wrong hands. GDPR is all about protecting user interest and the way the privacy of their data is given the due importance.

So, go ahead and make these changes to your website quickly as the deadline May 25, 2018, has already passed. You will receive several updates regarding the privacy policies of the companies you have already subscribed to, make sure you read them carefully.  

Share this article

Leave your comments

Post comment as a guest

terms and condition.
  • Charlie Mahle

    Thank you Europe. Giving us the privacy controls that the US Government would never even remotely think about.

  • Shaun Bradburn

    Any move to protect consumers from conglomerates and tech giants is a good thing.

  • Caleb Poirier

    Our government is actually trying to protect our data online. Impressed and glad that I am an EU citizen.

  • Eric Salmond

    I love this, the EU is really stepping in for everybody this time.

  • Will Dunning

    Thanks for the information

  • Jordan Legard

    The purpose of this is only for the EU to charge american companies billions.

  • Daniela Cummings

    You know it's serious when Facebook sends you a policy change update.

Share this article

Chhavi Firani

Tech Expert

Chhavi is the Founder and Partner at Dikonia. She is passionate about delivering beyond expectations and crafting rewarding experiences.  Her company provides innovative IT solutions including custom SaaS offerings that streamline workflow as well as development and design services in keeping with latest buying and market trends. Chhavi holds a Master of Computer Applications from Punjabi University.

Cookies user prefences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Read more
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics