Ensuring GDPR compliance in our work
Following are some actions which we take to ensure that your website is compliant with GDPR.
Our responsibilities relating to the points below may vary depending on our role in each particular project. Our responsibilities will be clearly outlined in a contract before commencing work.
Secure data transmission
“Https” connections are used to protect data in transmission.
Collection and usage of data
We ensure that our clients’ Data collectors understand how data is collected and where it is stored. When using third party services such as Google Analytics, we provide our clients with documentation on how these parties handle data.
Cookies and session management
We implement Cookie consent to make consent from the website user available prior to capturing data using cookies and session management.
Data subjects are provided with a method to access, change and remove collected data. We generally use CookieYes services to allow Data subjects manage their cookie preferences.
Data subject Access Requests (DSAR)
Data Controller/Processor responsibility
Our role as Data Controller, Joint Controller or Data Processor will be agreed and outlined in our contract before commencing work.
Third party services
When using third party services, we make sure that they comply to GDPR. Data collectors (client) should be well aware about how they work and handle the collected data.
Handling data breaches
GDPR states that any form of breaches should be informed to users and relevant authorities with 72 hours. Data collectors should have a method in place to inform breaches and should include all the parties that should be aware about the breaches.