GDPR EU Compliance

There has been much ado about the European Union GDPR (General Data Protection Regulation), which goes into effect May 25, 2018. This is Europe's attempt to improve the security and privacy of its citizens' information. I have not read it all, but it is quite an extensive piece of legislation. The bottom line is that if you are operating a website, it needs to be in compliance with this regulation.

Checking GDPR Compliance

As best as I can determine, if you are running a website that is pretty much only viewed locally in the United States, you probably don’t have to worry about the GDPR. However, if you are running a website like Macessence, which is actually viewed in other countries, including the European Union, you need to be in compliance with the GDPR. As far as websites go, the GDPR deals with something called cookies. Cookies can be defined as:

Cookies are usually small text files, given ID tags that are stored on your computer’s browser directory or program data subfolders. Cookies are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site, help you resume where you left off, remember your registered login, theme selection, preferences, and other customization functions. The website stores a corresponding file (with same ID tag) to the one they set in your browser and in this file they can track and keep information on your movements within the site and any information you may have voluntarily given while visiting the website, such as email address.

So, how do you know whether your website(s) are in compliance with GDPR? I did not have a clue how to do this until I found the Cookiebot service online. Here is the main interactive window of Cookiebot:

Cookiebot Main Window

You enter your website address into the window and click on “Check My Website.” It then replies with a screen requesting an email address:

email request

When you give them an email address you will receive an email from them to confirm the email address:

Email Confirmation

You will receive a confirmation response from them, which advises that the website check may take 20 minutes up to 24 hours.

I am sure you have already seen one problem here. If you look at the fine print, it says that if you supply your email address, you are subscribing to some type of newsletter from the Cookiebot people. It does mention you can unsubscribe any time you wish.

When Cookiebot has finished checking your website it sends you this notice:

Cookie Compliance

You may be asking, “Why should I trust Cookiebot?” If you look around the Cookiebot website, they offer other services that cost money. It would be important for their website scanning system to be accurate, since Cookiebot wants to make money in the long run.

Here is another website that I run for our local garden club:

Non Compliant

This site is pretty much only viewed locally. I may or may not try to bring it into compliance with GDPR; time will tell on that.

Let me close with some final thoughts. If you are running websites that may be viewed by people in the EU, you will have to bring them into compliance with the GDPR, eventually, especially if the sites track or retain people’s information in any way. I suggest using the Cookiebot website system to check your sites. Yes, you end up with a subscription, but you can always unsubscribe when the process is finished. The basic system is free, and it is worth your while to check your sites.

Conclusion

If you wish to check your websites for EU GDPR compliance, then use the Cookiebot website. It is a little intrusive, but worth your time.