Ensuring data privacy and security is one of the toughest challenges faced by legal authorities in the digital era. The General Data Protection Regulation (GDPR) was first proposed in 2012 and approved by the European Parliament in 2016 to impose legal obligations onto all organizations that handle personal data or offer goods and services to EU data subjects. On May 25th, 2018 the GDPR came into effect compelling companies to be compliant with all legal requirements to protect the data privacy rights of all individuals.
Get your Drupal-based website GDPR compliant
According to the EU data privacy and security law (GDPR), all websites that collect, store and process personal data of the EU data subjects must be compliant with GDPR. Non-compliant websites can be penalized by fines of up to 20 million EUR or up to 4% of a company's annual global turnover.
At 1xINTERNET we offer full support regarding GDPR compliance: from consultancy to implementation. We ensure your website security and transparency in communication in order to build trust between your company and your customers regarding personal data.
Secure (Fewer data breaches)
Transparent (Clear communication)
Reliable (Greater user trust)
What is personal data under GDPR?
According to Article 4 GDPR, “personal data” is defined as any information related to an identified person (or “data subject”). Websites may collect the following personal data:
- Tracking data - Google Analytics, Matomo (formerly Piwik), etc.
- Newsletter data - Mailchimp, CleverReach, Campaign Monitor, etc.
- Social media data - Facebook, Twitter, Instagram, etc.
- Web forms contact - form, feedback, inquiries, etc.
- User data - login data, purchase data, processing data, etc.
This also includes such identifiers as connection data (IP address and cookies). In accordance with GDPR, companies are required to systematically record, review, adapt and secure all personal data collection and processing operations including its subsequent use by third parties.
Our services to ensure your GDPR compliance
Website security
The first step to achieve GDPR compliance is to ensure your website is secure. We provide you with strong encryption and secure data transfer mechanisms, protect your website against unauthorized accesses and DDoS attacks. Along with the encryption of backups and automated security updates we achieve a high level of protection for the use of personal data and guarantee optimal website performance.
Consent (cookie) banner
Explicit consent from users to handle their personal data is necessary to be compliant with GDPR. All websites should include a pop-up cookie banner on the user’s first visit with the possibility to opt-in or opt-out of data tracking. We support you in the integration of the consent banner into your website, its configuration and individual styling. At 1xINTERNET we work with both types of consent management platforms: hosted (Usercentrics or Cookiebot) and open-source (Klaro).
Website forms
Designing GDPR compliant web forms that hit conversion targets is one of the biggest challenges for the majority of companies. Our team of Drupal experts can help you to achieve this goal. We guarantee the building of secure web forms of any complicity, its customization according to your requirements and including all of the necessary features (mandatory checkboxes, opt-in options, privacy statements, links, etc.) to ensure your web forms are compliant with GDPR.
Contact us and become GDPR compliant
Comply with 8 principal rights of GDPR
The right to be informed
The right of access
The right to rectification
The right to be forgotten
The right to restriction of processing
The right to data portability
The right to object
The right related to automated decision making
In order to comply with GDPR, organizations have to respect the 8 principal rights of data subjects and guarantee a lawful basis for handling their personal data. The General Data Protection Regulation stipulates that all individuals should be sufficiently informed about the collection and processing of their personal data. To achieve this, the privacy policy should be a core feature of your website and include all essential information regarding the use of the personal data of your users. The information should be clear, unambiguous and easily accessible. It should inform users about their rights and your legal obligations with regards to the collection, storage and processing of their personal data.
At 1xINTERNET we always recommend obtaining professional consultancy from your own DPO (Data Protection Officer) or any other empowered organism to ensure your privacy policy includes all necessary information in accordance with GDPR legal requirements.
