GDPR and website forms – an easy peasy guide
tl:dr; A lot of businesses websites use sign-up forms on their websites – a newsletter subscription, contact form etc. How do you make these forms GDPR compliant? 2 min readAs a business you must be aware that speeding up the cold lane is the deadline for firms to update their processes to being GDPR compliant.
Essentially, this means treat your users, your subscribers, your customers data with respect.
GDPR = Generally Do Participation Right?
As a business you will more than likely come across a time when you have to use a form on your website – a newsletter subscription, contact form etc.
Up until now you would simply build something that consists of name, email and maybe even a paragraph text area for comments.
If you’re selling products maybe even a few select menus with choices etc.
So, nothing unusual about that, but, how do you make sure you don’t fall foul of the GDPR rules and end up with a $20million fine? Pay a GDPR gooroo £thousands? No, it’s easier than that – add an option for the user to opt-in.
Obligate the opt-in option
Let’s presume you have a form already on your website. It consists of fields for name, email address and a section for comments and, of course, the submit button.
Just below all these default fields, you will need to add a checkbox or radio button with relevant text – something like “i agree to you collecting and storing my data and I have read your privacy policy … “ with a link to your privacy policy etc.
There are a few more steps to take but, that’s basically all you need to do on your on-site forms.
While you’re sniffing around in the admin area of your website, you should also take a look at your privacy policy.
One area that people are not yet adding is what is known as ‘Right to be forgotten’. In general, this allows your subscribers etc to request any data you hold on them to be destroyed.
Again, very simple to do, just add a form, like the one below.
We have a mailing list that people can be added to, therefore, we store those details on our account with Mailchimp – we also added a choice for staying on the mailing list or not – see this in action on our privacy policy.
Of course, I am not a legal expert and all the above information is not legally binding and could even be incorrect, to which I am more than happy to correct, but, cannot be held legally responsible.
If you need help getting your business website GDPR compliant, of course, contact us direct today.
