General Data Protection Regulation – A Useful Guide

There’s recently been some hot topics emerging on the digital agenda this year to help keep you safe and secure both on and off line. At Digital Exchange, WE KNOW It’s always good to be in the KNOW and so here are a few notes in order of priority to help get things started and make you aware of changes that will be introduced soon.

Please read the three step guide noted below :

One – Required General Data Protection Regulation (GDPR)

Two – Advisory Cookie Policy

 Three –  Recommended Secure Sockets Layer Certificate (SSL)

One – Required – ​General Data Protection Regulation (GDPR). Everyone will be affected by the GDPR in different ways and this is dependent on your business and how it operates. It is your responsibility to ensure you and your business are prepared and ready for when General Data Protection Regulation (GDPR) comes into effect on May the 25th 2018.

This is a new law which has been approved by the European Commission that will attempt to strengthen, harmonise and modernise EU data protection law and enhance individual rights. This law effects how data is collected, managed and stored in its entirety.

Fundamentally GDPR is about ensuring the privacy of data that can be used to identify an individual, and the transparency that the user is able to view and have the information held about them edited and/or removed.

Disclaimer: This advice is for informational purposes only, and should not be relied upon as legal advice. We encourage you to work with legal and other professional counsel to determine precisely how the GDPR might apply to your organisation.

Further reading is available here

Data to consider is…

  • Website credentials
  • Client contact details
  • Related third party credentials such as Mailing List credentials


Two – Advisory – ​Cookie Policy. You may have noticed on some websites a notification to accept a Cookie Policy while visiting that website. You can see an example of this by clicking this link

It’s advised that you introduce a Cookie Policy notice to comply with various laws particularly for an international audience.

Cookies are a ‘kind of’ short term memory for the web. They are stored in your browser and enable a site to ‘remember’ little bits of information between pages or visits.

The Cookie Law is a piece of privacy legislation that requires websites to get consent from visitors to store or retrieve any information on a computer, smartphone or tablet. It was designed to protect online privacy, by making consumers aware of how information about them is collected and used online.

One main example of the use of Cookies is for Google Analytics. Cookies allow Google Analytics to track a users behaviour as they visit your website and also track information about their device type etc.


Three – Recommended – ​Secure Sockets Layer Certificate (SSL). It’s recommend that you upgrade the security and performance of your website by purchasing an SSL certificate. You can identify a website with an SSL certificate as it will have https:// at the start of it’s URL in the Address Bar, along with a padlock icon. This is used by secure companies such as banks and credit card companies to protect you when you log into your account to check or make changes to your fincances.

SSL is the standard security technology for establishing an encrypted link between a website server and a browser. This link ensures that all data passed between the web server and the browser remains private and integral.

What does this really mean? It means that an SSL certificate gives the end user peace of mind that the information displayed on the website is true and viewed as you would intend.

Adding an SSL Certificate starts from around £150 + VAT per annum.