Have you recently heard of the GDPR (General Data Protection Regulation) or perhaps had to review and re-approve specific terms of use for your favorite applications? But what does it mean? This article summarizes the regulation and what you need to know about your WebSelf website!
*** Just so you know, WebSelf does not offer legal advice, and none of the information in this article is legal advice. If you have questions, we encourage you to consult an expert.
What is the GDPR?
The GDPR (General Data Protection Regulation) is a regulation of the European Union that constitutes the reference text for protecting personal data. It strengthens and unifies data protection for individuals within the European Union. The law came into effect on May 25, 2018.
According to the principle of intellectual property of confidential information, the GDPR grants citizens the following rights:
- Access to their data
- Knowledge of how their data is used
- Request for correction of errors
- Limitation of data processing
- Obtain and reuse their data
- Refusal of specific uses
- Request the erasure of data ("right to be forgotten")
- Ask for an explanation of automated decisions
- Be informed if a breach is detected
Where does the GDPR apply?
The GDPR applies to the 28 countries of the Eurozone and to all companies processing the data of European citizens, directly or indirectly.
Am I affected by the GDPR?
The GDPR concerns any website that collects and analyzes information such as name and surname, postal address, phone number, banking data, etc. Therefore, every WebSelf user is affected by this law.
Regarding WebSelf
What personal data is collected about me?
We collect and process, among others, your name, first name, address, email address, password, phone number, IP address, connection data, browsing data, order history, and preferences.
Some data is automatically collected based on your actions on the site, and partners may transmit other information.
We collect the information you provide to us, especially when:
- You create your customer account on our site
- You place an order on our site
- You browse our site and view pages
- You participate in a game or contest
- You edit and publish your site
- You contact our Customer Service
- You write a comment
- You view our ads
How do we use the information we collect?
- To provide, improve, and develop our services
- To create and maintain a reliable and secure environment
- To provide, personalize, and improve our marketing advertisements
Concerning your WebSelf site
Modifications of your privacy policies and Google Analytics
This new regulation will likely change some aspects of your terms of use and sales conditions if you have an online store. First and foremost, you must update your legal notices to comply with the GDPR rules. These legal notices should include four points:
- Identity of the data collector
- Retention period of the data
- Purpose of the collected data
- Information about user rights
You'll need to keep a clear and precise record of your data processing and respond to requests about the data you collect. Our partner Captain Contrat can assist you in this process for our French clients.
If you use Google Analytics, you must follow these three steps to be compliant:
- Go to analytics, click on administration, account settings, review the changes, and finish.
- To declare the data processors, click on administration, account settings, manage DPA details, and fill in the three GDPR conditions (main contract, DPO contract, and a representative from the European Economic Area). Only the main contract must be filled out for small structures.
- You will need to configure a data retention period. To do this, click on the property, go to administration, tracking info, data retention, and choose a retention time.
Options we have added to help you be compliant
-
In your site's Settings, in the Cookies section, we offer the Cookies consent banner feature.
A standard consent banner appears by default, on your website's homepage, asking for consent from your visitors.
** This function is activated by default, it is up to you to deactivate it according to the legal framework of your country of residence to comply with the legislation in force.