Many of you have been hearing about GDPR for quite some time now, but how many of you know what it is? More importantly, do you know how will it impact your business? Here, we try and clarify a few of those burning questions, and what we can do to help your e-commerce store.
What is it?
Quite simply, GDPR stands for ‘General Data Protection Regulation’. It’s a new piece of government legislation that is intended to strengthen and unify data protection for all individuals within the EU. It effectively means that the way in which companies capture and store digital information of customers will change. If you’re a business taking online payments, then you will need to implement some significant changes in order to comply with these new EU regulations, or face some hefty fines.
GDPR comes into effect on May 25th 2018. We’d recommend you prepare for the change before May.
Who is affected?
These strict guidelines will affect organisations who collect customer information, who are based in the EU or trade with companies within the EU.
Ultimately, this change will make e-commerce practices better in terms of security and relationships with customers. There are some favourable arguments for the change:
GDPR can be used to achieve more than just compliance. For example, you can use GDPR to adopt best practice around the handling, control and security of your organisation’s information; update and enhance your business processes; improve the quality and integrity of data you hold; and to rethink why and how you capture and use personal data of your customers, staff and leads.” Adrian Davis, managing director EMEA at security certification organisation
In terms of marketing, it will mean you will have to work that bit harder to communicate with people on a long-term basis. But as a business that is concerned about keeping ongoing, positive relationships with their customers, then this can only be good news. It’s an opportunity to be more creative in your marketing approach.
What you need to do?
As an online business, you will need a site-wide SSL Certificate, which will encrypt all information entered within the website. Search Engines, like Google, have begun penalizing those without an SSL certificate, both to improve online security, but also as a build up to GDPR. Moving forward, you will also need to look at your auto-renewal and subscription payments, as data subjects can withdraw anytime.
You must make certain information available to those who you’re collecting the data from. This includes:
- the identity and the contact details of the controller and DPO
- the purposes of the processing for which the personal data are intended
- the legal basis of the processing.
- where applicable the legitimate interests pursued by the controller or by a third party;
- where applicable, the recipients or categories of recipients of the personal data;
- where applicable, that the controller intends to transfer personal data internationally
- the period for which the personal data will be stored, or if this is not possible, the criteria used to determine this period;
- the existence of the right to access, rectify or erase the personal data;
- the right to data portability;
- the right to withdraw consent at any time;
- and the right to lodge a complaint to a supervisory authority;
How we can help?
Sellerdeck has created a package, which will allow customers to address aspects of GDPR relating to their website. We’re making many changes to the software, which will be available in the form of a new software release next year. Alongside this, we will offer site-wide SSL’s and if relevant, hosting migrations to Sellerdeck Desktop Servers, setup specifically to run the software at the optimal level. Not only will we implement the SSL, but we will also complete all necessary redirects and Google advisory changes to help maintain existing search listings.
This package is called Sellerdeck 365, and will incorporate software, hosting and SSL, alongside telephone technical support all year-round. Customers can also incorporate Sellerdeck Payments and Feefo Reviews into their core package. This will create a strong infrastructure including all essential e-commerce services.
Note: This article is meant as a guideline and is not legal advice.
If you have any questions regarding GDPR, getting an SSL Certificate for your website or about our Sellerdeck 365 package, then please don’t hesitate to contact us on 0845 129 4888 or email email@example.com