Get to know EU new privacy law (GDPR)

Since 25 May 2018 the General Data Protection Regulation (AVG / GDPR) has been applied. This European privacy regulation regulates the legitimate and careful handling of (personal) data.

 

In this blog post we will discuss some topics for website owners where you can expect particular changes.

In short

For all member states in the EU, the same rules on privacy apply from 25 May. For many websites, these new regulations have major consequences, for example in the area of ​​cookies, newsletters and storing user data.

The General Data Protection Regulation (AVG) gives people more opportunities to stand up for themselves when processing their data. For companies, much more emphasis is placed on accountability . You must be able to demonstrate as a company that you comply with the law. Reporting violations becomes simple, and follow-up will (also) have to be done. Fines can be extremely high (up to 20 million euros).

The law also applies to small SMEs and freelancers who process data. Such as tracking customer appointments, customer phone numbers or personnel information.

Processing of personal data

You may only collect personal data if you also have an explicitly stated purpose for it and this data must be secured against theft and loss. You must meet at least 1 of the below conditions before you record information:

  • Permission from the person whose data is processed has given permission for this
  • the data processing is necessary for the execution of a legal obligation (for example the data that the tax authorities register for the taxation)
  • the processing is necessary for proper fulfillment of a public-law task (for municipalities, for example)
  • the processing of data is necessary for the representation of a legitimate interest (for example if it is necessary for proper business operations), unless the interest of the person involved weighs more heavily. For example, this provision includes the execution of a direct mail action.

Please note that you also have a good privacy statement, which indicates, among other things, in clear language which data you save and for what purpose. It goes too far in this article to describe this exactly, so we recommend contacting a branch organization or expert.

Newsletters

Under the previous legislation, sending newsletters to customers who had ordered something via a webshop was allowed. That changes, also with retroactive effect. From May 25 it is only allowed to send newsletters if you have received explicit permission (for example because someone has put a check mark), and you must also be able to show this afterwards by, for example, time + dates and the text of the checkmark together with the e mail address. There are a few exceptions to this, so look carefully at your specific situation and decide together with an expert whether or what changes are needed.

Sufficient security mandatory

An example of adequate security is having software up-to-date so that there are no (known) security breaches.

For example, if you have a contact form on your website or if personal data are exchanged, SSL encryption is a minimum requirement. A professional SSL certificate can be requested separately for your website via https://www.henselhosting.nl/ssl-certificaat-bestellen , or you can use the Control Panel on https://my.codeorange.co.th/ under the heading SSL Let’s Install Encrypt SSL.

Note: If you process personal data that is sensitive, such as medical information, the security requirements are stricter. For example, storing them in a database on shared hosting is no longer sufficient security.

Processing agreement

If your data is managed or stored by a third party, you have to conclude a so-called processor agreement indicating the responsibilities.

Soon we will make a general processor agreement available that you can sign as a company if you store data with us, for example.

Cookies

Finally, check the use of cookies on your website. There was already a cookie law, but the rules have now been tightened. For example, a cookie wall (refusing visitors who do not accept cookies) is no longer allowed if you use tracking cookies. You must also show clear information about the use of cookies if you collect information (also those that are placed via Google Analytics, for example, if you do not use them in an anonymous way).

Note: This is only a personal interpretation of the current rules. We are not legal experts and we advise you to call in a specialist when in doubt.

 

Why You Should (not) Do Your Own Hosting

By Rutger | March 14, 2018 | 0 Comments

Hosting your own website looks simple for those of us who have some technical skills. And it is. You could be up and running in an hour or so, hosting your own website on a computer in your office or at home, using the existing internet and computer. It’s true, the basics are simple. You…

Get to know EU new privacy law (GDPR)

By robert | October 11, 2018 | 0 Comments

Since 25 May 2018 the General Data Protection Regulation (AVG / GDPR) has been applied. This European privacy regulation regulates the legitimate and careful handling of (personal) data.

Code Orange Is Now Officially .CO.TH Accredited

By robert | August 16, 2018 | 0 Comments

Looking for a domain name under .co.th, or any other extension? Come to us! Get a .ธุรกิจ.ไทย for free.

Say Hello To The New (WordPress) Editor, Gutenberg.

By robert | August 14, 2018 | 0 Comments

WordPress users might already know that the new WordPress 5.0 is coming up with a new editor called Gutenberg. The new WordPress editor is expected to officially replace the current one at some point later this year. But with the latest 4.9.8 software update, WordPress is already giving us a chance to try some great…

Two Major Thai Banks Hacked

By robert | August 9, 2018 | 0 Comments

Hackers have stolen the information of at least 123,000 customers in a massive data breach at two major commercial banks.

Thais Spend More Time On The Internet This Year

By robert | August 2, 2018 | 0 Comments

Have you ever wonder how much time do you spend on the internet each day?

Chrome Is Now Officially Marking All Non-SSL Sites As ‘Not Secure’

By robert | July 26, 2018 | 0 Comments

It started from two years ago that Google wanted to make the internet a safer place for users by naming some unencrypted sites. Now Chrome is ready to call out all non SSL sites as not secure, officially.

Facebook Confirmed To Launch Internet Satellite Early 2019

By robert | July 26, 2018 | 0 Comments

Last week, Google just announced free wifi hotspot project called “Google Station”. This week it’s Facebook turn to confirm their internet satellite project.

Google’s Free WiFi Is Here In Thailand!

By robert | July 19, 2018 | 0 Comments

The wait is over, Google’s free wifi hotspot service has finally arrived Thailand after India, Indonesia and Mexico City.

Let’s Check How Fast Your Website Is

By robert | July 16, 2018 | 0 Comments

Google says that if your website takes longer than 3 seconds to load, you will lose half of your visitors because they don’t want to wait (do you?). Not just that, your ad rank also will be not be on the top anymore because Google want to show the best result. That means it doesn’t…