The General Data Protection Regulation (GDPR) is coming soon….but is your website GDPR ready?

Our GDPR series continues with more food for thought…

I hear you say “it’s just a website” and “I don’t collect data on my website”.  Perhaps you do, but unknown to yourself even!

  1. Do you have online enquiry forms?  What do you do with the information when you receive the enquiry?  It is data, so you need to keep it securely.
  2. Do you have Google Analytics set up on your website?  If you do, then you need to update your Privacy Statement to include that you collect analytics and what you do with it.
  3. Do you even have a Privacy Statement on your website?  If not, it is worth talking to your web developer and asking them to update it for you.  It must itemise the information you are gathering and why.
  4. Do you have a Cookie Statement on your website?  Again, talk to your web developer to ensure that you have an up to date Cookie Statement on your website.
  5. Do you sell online?  If so, do you use the likes of PayPal or Realex to collect payments from customers?  Then you need to let customers know that you are using a third party to collect payments.  It is also worth adding a link on your website to their privacy statement.

Your website needs to be compliant for the GDPR changes from 25th May, 2018.  It is not that long away, so don’t leave it until the last minute.

So ask yourself, do you need that online enquiry form?  Is it generating leads?  If you get leads and it works for your business, then keep the form, but just make sure that you’re upfront with the customer when collecting their data.  It is your duty to keep the information secure.  If you don’t need the form and you never get enquiries, then why keep it on your website?

I’ve heard arguments that if you have Google Analytics on your website, but you’re not using it, then just delete it.  At Lush Marketing, we believe that Google Analytics can give you great insights into your target customer, who they are and what they are looking for.  Why would you delete information that you get for free?!  It is easier to be upfront and honest with your online audience and simply update your privacy policy to advise the use of Google Analytics.

Privacy policies and cookie statements should be easy for your web developer to implement and some software packages even have wording templates that can be used.

If you sell online and use a third party provider (e.g. PayPal), then link to their privacy statement (make sure they have one first!).  You are trusting this third party with your customer’s data, so make sure they are not breaching GDPR themselves.

The Data Protection Commissioner gives good hints on their website at /

Lush Marketing are also happy to help you if you’re now totally confused and worried you might not be compliant by 25th May, 2018.  You can contact us at