About the author


Paul Clapp

Paul’s extensive background is in web design and marketing and he is responsible for delivering each client’s vision. Paul oversees all aspects of the web development cycle, from the graphic design and content imagery through to technical SEO and digital strategies.


10 things your business needs to know about GDPR


Posted: 15th February 2018

With the new GDPR rules coming into effect in a few short months, now’s the time to ensure your business collects and uses personal data correctly before it’s too late. But what does it all mean, and more importantly, what do you need to know to make sure you and your customers are protected?

Under the current UK Data Protection Act 1998, all businesses are allowed to collect personal customer information including, but not limited to, postal addresses, telephone numbers, and email addresses. That information can then be stored, collated, and used to create mailing lists which, in turn, are used for business marketing purposes to consumers.

But with the EU’s new General Data Protection Regulation (GDPR) act coming in, the way businesses are allowed to collect and use that information will be different. And the results will mean big changes in the way your business markets itself to customers.

So what is GDPR in a nutshell?

GDPR is a set of updated official rules and regulations that follow on from the current outdated Data Protection Act, with far more emphasis on digital data. Its implementation gives consumers more of a say in how businesses use their personal data.

The new GDPR rules will be virtually identical across the whole of the EU, and will apply to all businesses based in, and/or trading in, the EU. Every business will have to comply with GDPR rules if it wants to start, or continue, collecting customer data and information from anyone in the EU. And GDPR will be much stricter than current data laws, with any businesses that don’t comply facing big fines. So how do you make sure your business is covered? Here are our 10 things on GDPR you need to know about.

10 things your business needs to know about GDPR

  1. New GDPR rules start on May 25th 2018. You have until then to make sure your business is fully compliant.
  2. Failure to comply could result in fines of up to £20m or 4% of your global annual turnover.
  3. Personal data isn’t just names and addresses anymore. It covers far more digital data such as email addresses, bank details, social media information, IP addresses, and even photos.
  4. If your business suffers a data breach of any of the new GDPR rules, you must report it to the Information Commissioner’s Office (ICO) within 72 hours, and notify all parties who are affected.
  5. You must implement a double opt-in process whereby consumers tick a box to say they want to receive marketing information from you, then confirm this action via email.
  6. You must keep full records of all the data you’ve collected and your reasons for doing so. More detailed information about this will also need to be given to consumers.
  7. Consumers will have the ‘right to be forgotten’. This means that upon request, you must completely erase all their data, including any copies of it held by affiliate businesses or organisations.
  8. Businesses will no longer be allowed to charge consumers who request access to their data. You must also comply with their request within 40 days.
  9. You’ll need to appoint a Data Protection Officer if your business undertakes data monitoring on a large scale, processes large amounts of personal data of a sensitive nature, or comes under a public authority.
  10. GDPR is applicable to the UK before, during, and after the UK’s withdrawal from the EU.

How will GDPR affect your website?

Many, and hopefully all, business websites will currently have information relating to their privacy and cookie policies readily available and accessible online. However, as both these policies pertain to the use of personal data, with the introduction of GDPR, they’ll need to be amended and added to in order to comply.

Your website’s privacy policy should be written in clear and plain language, without jargon, and with as few technical terms as possible. Its aim should be to keep information clear, concise and transparent, and clearly understood by anyone without any grey areas.

Though there are more detailed inclusions for your privacy policy, the objective is to make your site visitors aware, and more informed about exactly how their data will be stored or used.

On-site cookies

Your cookie policy will also be affected by GDPR. Cookies store information about users such as names and login details, and provide you with information on their browsing habits. That information therefore falls within the remit of personal data under the new GDPR act.

Back in 2012, it became law that every website using cookies was required to make every site visitor aware of the fact, and to gain their permission accordingly through a pop-up window stating ‘by using this site you accept cookies’. Under new GDPR rules, this is now not enough. Much like the privacy policy, you will need to state how the cookie information will be stored and used, while giving a clear ‘opt-out’ option as well.

Put simply, any visitor to your site must be able to fully understand how their personal data will be collected, stored, and used. Doing so fulfils the main objective of GDPR, which is to make it just as easy for a user to withdraw their consent as it is to give it.

Your next steps

Many points in our list of 10, as well as the cookie and privacy policies, might appear daunting, and might seem to make it more difficult for you to communicate with your customers. But in the long term, it will be much easier for both you and consumers to monitor the way in which data is processed and used.

While compliance now will probably mean a short term investment of time, people and money, you’ll be fully prepared and ready when GDPR becomes law in May.

If you have any questions about GDPR compliance and your website, feel free to get in touch with the team at Priority Pixels – email us at hello@prioritypixels.co.uk
