DSGVO (GDPR) checklist: what your website needs to offer
To avoid high penalties, you as a website operator should study the DSGVO thoroughly. Otherwise, you may face penalties of up to 20 million euros or four percent of worldwide turnover.
- One of the core principles of the new DSGVO is Privacy by Design: data protection must be built technically into the mechanisms of data processing. In other words, a data processing operation must be designed in accordance with the DSGVO and, from a technical point of view, should allow no deviations.
- In addition, an easy-to-find and understandable privacy statement is mandatory. You can link it, for example, in the footer. Sample privacy policies are available for free on the Internet.
- Next, you need a so-called processing directory. In it, you must record what information is stored, for what reason, by whom and for how long. The legislature sets no major requirements for the form of this directory; you can find some templates for it on the Internet.
- You have probably already implemented a notice banner for the use of cookies. If not, it is high time to do so. It is best to add to the banner a button that says "Yes, I agree" and a link to the privacy statement.
- If you use forms to collect data, the user must actively agree that this information will be stored. For a contact form, for example, you simply add a checkbox for consent. However, make sure the checkbox is not pre-selected: users must take this step themselves.
- An important point of the DSGVO is that, as a website operator, you must provide users, free of charge, with all the data you have stored about them. You should therefore be able to do so at a user's request.

DSGVO: check external providers
If you use external services for data processing, you need to ensure that they also act in accordance with the DSGVO, regardless of whether they are based outside or inside the EU. If you have data processed by a web service, for example your customer tool, you need to obtain written confirmation from the operator that the DSGVO is adhered to. If you don't, you are liable for violations by the external service provider.
- Another important point is social sharing icons. The small buttons for sharing a page send user data to the respective provider unsolicited. For example, if you visit a page with a "Share on Facebook" button, Facebook automatically receives the information that you were on this page, even if you have not clicked the button. In the future, this data may be transmitted only after the user selects the share option.
- If you use external tools such as Joomla or WordPress to create your website, you should ensure that these also comply with the DSGVO.
- The use of Google Analytics can also cause problems. You must disclose it in your privacy statement, and you must give your users the option to stop the data collection. You also need to anonymize users' IP addresses; this is done with the "anonymizeIP" snippet. You must also conclude an addendum on data processing with Google.
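
One way to wire up the opt-out and the IP anonymization from the Google Analytics item above, using the analytics.js command queue and its `ga-disable-<property ID>` flag. This is an added example, not code from the original article; the property ID `UA-XXXXX-Y` is a placeholder, and the function names and the `ga-opt-out` element ID are hypothetical.

```javascript
// Added example, not from the original article.
// Assumptions: the analytics.js command queue `ga` is already defined by the
// standard loader snippet; GA_ID is a placeholder property ID.
const GA_ID = 'UA-XXXXX-Y';

// Name of the opt-out flag that analytics.js checks on `window`.
function optOutKey(id) {
  return 'ga-disable-' + id;
}

// True if a previous visit stored the opt-out cookie.
function isOptedOut(cookieString, id) {
  const wanted = optOutKey(id) + '=true';
  return cookieString.split(';').some((c) => c.trim() === wanted);
}

// Called from an "opt out of tracking" link in the privacy statement.
function setOptOut(win, id) {
  win.document.cookie =
    optOutKey(id) + '=true; expires=Thu, 31 Dec 2099 23:59:59 UTC; path=/';
  win[optOutKey(id)] = true; // stops hits for the rest of this page view
}

// Starts tracking only if the user has not opted out, with IP anonymization.
// Returns true when tracking was started.
function initAnalytics(win, id) {
  if (isOptedOut(win.document.cookie, id)) {
    win[optOutKey(id)] = true; // must be set before any ga() call
    return false;
  }
  win.ga('create', id, 'auto');
  win.ga('set', 'anonymizeIp', true); // set before the first hit is sent
  win.ga('send', 'pageview');
  return true;
}

// Browser usage (hypothetical element ID):
//   initAnalytics(window, GA_ID);
//   document.getElementById('ga-opt-out').onclick = () => setOptOut(window, GA_ID);
```

The functions take the `window` object as a parameter so the logic can be exercised with a stub outside the browser.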

In the next article you will learn everything you should know about privacy and Google.
