The General Data Protection Regulation (AVG / GDPR) has applied since 25 May 2018. This European privacy regulation governs the lawful and careful handling of (personal) data.
In this blog post we discuss some topics where website owners in particular can expect changes.
For all member states in the EU, the same rules on privacy apply from 25 May. For many websites, these new regulations have major consequences, for example in the area of cookies, newsletters and storing user data.
The General Data Protection Regulation (AVG) gives people more opportunities to stand up for themselves when their data is processed. For companies, much more emphasis is placed on accountability. As a company, you must be able to demonstrate that you comply with the law. Reporting violations becomes simple, and follow-up will (also) have to be done. Fines can be extremely high (up to 20 million euros).
The law also applies to small SMEs and freelancers who process data, such as tracking customer appointments, customer phone numbers or personnel information.
Processing of personal data
You may only collect personal data if you have an explicitly stated purpose for it, and this data must be secured against theft and loss. You must meet at least 1 of the conditions below before you record information:
- the person whose data is processed has given permission for this
- the data processing is necessary for the execution of a legal obligation (for example the data that the tax authorities register for the taxation)
- the processing is necessary for proper fulfillment of a public-law task (for municipalities, for example)
- the processing of data is necessary for the representation of a legitimate interest (for example if it is necessary for proper business operations), unless the interest of the person involved weighs more heavily. For example, this provision includes the execution of a direct mail action.
Please make sure that you also have a good privacy statement, which indicates, among other things, in clear language which data you save and for what purpose. Describing this exactly goes beyond the scope of this article, so we recommend contacting a trade association or expert.
Under the previous legislation, sending newsletters to customers who had ordered something via a webshop was allowed. That changes, also with retroactive effect. From May 25 it is only allowed to send newsletters if you have received explicit permission (for example because someone has ticked a checkbox), and you must also be able to show this afterwards by recording, for example, the time and date and the text of the checkbox together with the e-mail address. There are a few exceptions to this, so look carefully at your specific situation and decide together with an expert whether changes are needed and, if so, which.
Sufficient security mandatory
An example of adequate security is keeping software up to date so that there are no (known) security vulnerabilities.
For example, if you have a contact form on your website or if personal data is exchanged, SSL encryption is a minimum requirement. A professional SSL certificate can be requested separately for your website via https://www.henselhosting.nl/ssl-certificaat-bestellen, or you can use the Control Panel on https://my.codeorange.co.th/ under the heading SSL Let’s Install Encrypt SSL.
Note: If you process personal data that is sensitive, such as medical information, the security requirements are stricter. For example, storing it in a database on shared hosting is no longer sufficient security.
If your data is managed or stored by a third party, you have to conclude a so-called processor agreement indicating the responsibilities.
Soon we will make a general processor agreement available that you can sign as a company if you store data with us, for example.
Note: This is only a personal interpretation of the current rules. We are not legal experts and we advise you to call in a specialist when in doubt.