- Approved in 2016, but applied de facto since May 2018, the General Data Protection Regulation (GDPR) reinforces consumer rights at European level regarding the control of their privacy.
- The Regulation establishes a legal framework that affects all member states of the Union.
- Every minute data is collected and stored automatically – often without the owner of the website noticing it – such as: the IP addresses that the web servers keep in the log files , the personal data linked to the use of social buttons and cookies that store information about users and their browsing habits.
- Another sensitive topic is web analytics tools such as Google Analytics, which are responsible for recording web traffic. This Google tool is especially problematic in terms of data protection standards, since the IP addresses of users are stored on servers located in the United States.
- To reduce the severity of this problem, those in charge of managing web pages can reduce an IP address to the last range of digits, thus allowing it to lose the link with any personal information.
What Should We Include?
- In theory, every web administrator must inform their users about the collection and protection of their data and personal information before starting any type of activity. In practice, it is a bit complicated, so it is common for users to be informed at the same time as their data is collected.
- Paying attention to what is indicated in article 12 of the RGPD is very important. In addition, you can use design elements such as lists or tables to facilitate understanding of the content.
- Basically, it includes the identity of the person in charge of processing personal data, the reason why this data is collected and for how long and the user’s right to claim it or cancel its use.
We Explain These Rights More Fully Below.
- In addition to the name, the current postal and electronic addresses , as well as a telephone number, must be indicated.
- It is common to find general templates for data collection and others for special categories , such as social networks (Facebook, Twitter, etc.), cookies, contact forms or sending newsletters. It is also possible to find templates in which the requirement pages that use web analysis tools such as Google Analytics are outlined and that generally include a link for those users who do not agree with the collection and dissemination of their data.