This is a short post regarding compliance with the GDPR, which came into effect on 25 May 2018.
General Data Protection Regulation (GDPR) requirements, deadlines and facts
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.
Companies that collect data on citizens in European Union (EU) countries will need to comply with strict new rules around protecting customer data by May 25. The General Data Protection Regulation (GDPR) is expected to set a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in place to comply.
Compliance will cause some concerns and new expectations of security teams. For example, the GDPR takes a wide view of what constitutes personal identification information. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.
That being said, any cookies on my website are there for normal website functioning. These cookies cannot be switched off because the website would not operate without them. However, it is my understanding that these identifiers do not store any personal data.
What are cookies?
Cookies are small pieces of data, kept in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).
Both websites and HTML emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted.
Many of the cookies used are only set if you are a registered WordPress.com user (so you don’t have to log in every time, for example), while others are set whenever you visit one of our websites, irrespective of whether you have an account.
When you leave a comment on a WordPress blog, such as this one, WordPress will automatically store your Gravatar image, your comment, your IP address, and your email address. I would only use this information to contact you when we have a giveaway on the blog. Leaving a comment is considered a definite intention, as defined by GDPR, providing me consent to store this information and permission to contact you in the future.
Please rest assured your personal information will not be sold or shared with any third parties under any circumstance. If you wish your information removed, please contact me privately.
If for whatever reason you do not agree with the above, do not leave a comment on this blog.
I do not currently maintain an email list nor do I send out a newsletter, but you should pop by periodically to see if any changes have occurred.
Here are some other resources you might find helpful if you have questions about GDPR: