GDPR is coming into force later this month (25th May 2018), while you’re preparing your company for the change, is your website ready?

You might think that you’re not collecting any data on your website, but think again. If you’re using Google Analytics, retargeting software, a contact/enquiry form or an online payment gateway, then you need to make some changes to become compliant.

To get your website ready with the new GDPR regulations taking effect on 25th May 2018, the following are essentials to add or update on your site:

  • Cookie Policy
  • Cookie Notice
  • SSL Certificate
  • Website Privacy Policy


GDPR compliance will not only stop you from facing hefty fines (up to €10 million or 2% of the company’s global annual turnover, whichever is greater) but will also help keep your user data safe, protect your organisation, secure against potential threats and limit the impact of data breaches.


Cookie policy

Cookies are small files that are stored on your computer which hold information about the websites you have visited. This allows the server to use your information to deliver a better user experience, such as storing login information ready for you next visit. A cookie policy needs to tell your website visitors what cookies are used on your site and for what purpose.

For more information click here.

We can add a cookie policy to your website and a pop-up notification to tell visitors your website uses cookies.


SSL Certificate

Take a look at the green padlock next to our web address, that’s an SSL Certificate. It encrypts data communication between the server and the user.

An SSL is also highly beneficial for SEO, meaning if you don’t have one, your website will struggle to appear in Google’s search results.

You can find out more about what is an SSL certificate is and why you need one on our blog.

We can add an SSL certificate to your website to keep your data encrypted.


Website Privacy Policy

A website privacy policy informs the user of what information you collect on your website, how you use it and who to contact if they have questions.

If you already have a website privacy policy, great. Make sure it meets all of the requirements for GDPR.

If you do not have one, and would like our team to put one together, we will require some information about your company. We can send you a form to fill out to get this information. If we built your website, we will know what information is collected, but we will need you to tell us how you use this data.

This website privacy policy will only cover the information collected via your website, not your whole company. For help being fully compliant visit the ICO Website.


If you would like to get your website GDPR ready, contact the Brace team today.