If you haven’t been hiding under a rock for a while (and even then, the news will probably still reach you), you know that the GDPR (EU General Data Protection Regulation) is well and truly in place. The regulation gives EU citizens control over personal data collected by the websites and the services with which they interact.
Of course, this upsets website owners around the world, as any site serving even one EU citizen is obliged to comply. So, whether you’re based in Paris, France, or Paris, Texas – GDPR applies to you.
The Internet is in dire straits and companies are sending out many email notifications and changing privacy policies at the speed of light. But if you have not yet addressed the issue – it’s OK. We have your back!
Below are eight helpful resources you can use to update yourself and get your site up and running.
* And, as the normal legal disclaimer progresses, please be aware that these resources alone will not ensure compliance. It takes some work on your part and advice from a legal professional to make things more official.
This interactive checklist will help ensure you are on the right track to compliance.
While it does not cover every possibility, it is quite convenient to have a list in front of you if only to help you gain peace of mind in a very complex situation.
Developer Erwan Richard has compiled this list of tools and resources that you can use for compliance. Included are alternatives to Google Analytics, Maps and even social sharing buttons that do not track user data.
WordPress 4.9.6 came with some new privacy tools with GDPR in mind.
Complianz will scan your WordPress website and generate cookie consent and policy based on what it finds. The plugin can be configured to display a cookie notification for your specific region, but you can use a general notification for all users. It also blocks common third-party cookies and iframes. And that’s just scratching the surface about what this privacy layer can do.
If you are using a third party or cloud service, how will you know if they are compliant? And who’s to say what any sub-processors they use to measure the regulation? That’s where ComplianceRank comes in.
The checklist above is from the same people who provide all kinds of compliance information. You will find information on the country where a company is headquartered, its current compliance position, certifications, a list of the sub – processors they work with, and much more.
Working with a database full of personal user information in a development environment? Anonymizer is a tool that will replace that information with randomly generated content.
Of course, it’s not for production environments – but it does provide an extra layer of security when you’re in the development phase.
If you are running a Drupal site and want to be GDPR compliant, this module can be a great help.
It allows users to see what data your Web site is collecting, while at the same time providing administrators with handy tools for managing data and user consent.
All you have to do is start with some code at the top of your page. The library even has the option of not setting a cookie until the user accepts your policy.
If you are looking for a crash course in GDPR compliance, this open source guide is for you. Through 16 chapters, you will find information on everything from identifying personal data to working with analysis. The overarching goal is to help developers build privacy regulations in mind.
Here for the Long Ship
While the chaos and widespread news coverage may be waning, the GDPR is not going anywhere. It’s sure to see some tweaks in the future, but it’s a new normal for web designers around the world. There is an end to the old way of doing things, for better or for worse.
The above resources can be very helpful in tackling the many facets that GDPR presents. Use them to help develop processes that will ensure compliance by default. That way, this regulation will be just another part of your job, rather than an added burden to think about.