GDPR immediate measures
The new General Data Protection Regulation has been in force since May 2018. Since there is uncertainty among many customers, we have defined five pragmatic immediate measures so that the customer is on the safe side in the short term and shows that he takes data protection seriously. It goes without saying that it is up to the customer to decide which measures he ultimately wants to implement. If a customer exclusively addresses Swiss visitors, it is not absolutely necessary for our understanding to implement all of these points.
1. Create and implement data protection guidelines with e.g. this generator:
https://dsgvo-muster-datenschutzerklaerung.dg-datenschutz.de/?lang=en
https://dsgvo-muster-datenschutzerklaerung.dg-datenschutz.de/
Alternative GDPR generator in German and English with various options for Google Maps, Mailchimp etc:
It is important that the external scripts contained therein (e.g. Google Analytics, Google Maps, Fonts, Recaptcha, Addthis, Facebook, advertising tags), which transmit data, are also included.
We would be happy to make a proposal for you, but you have to approve it.
2. Complete all forms (including newsletter registration, account creation and comment function) with a checkbox. This checkbox is deactivated by default:
Sample text "You agree that your data will be used to process your request. You can find further information and revocation instructions in the data protection declaration."
3. Switch website to HTTPS / SSL
4. Switch Google Analytics to Anonymous IP
ga('set', 'anonymizeIp', true);
5. Include cookie warning
The current situation with cookies is still unclear. The EU wants to regulate the issue with the " e-privacy regulation ", which, however, should only come into force in the course of 2019. Swiss websites currently have to inform users about the use and purpose of cookies.
Annotation
The above points are non-binding recommendations. We do not offer legal advice. If you want maximum security, we recommend contacting a specialist lawyer. You should also discuss the internal implementation of the GDPR and other topics that do not directly affect the website with an expert.
If you want to equip your website with these points, please get in touch with your contact person.
Useful resources
Practical implementation tips for SMEs
The Bavarian State Office for Data Protection Supervision has put together practical samples for a wide variety of industries for small and medium-sized companies and associations:
https://www.lda.bayern.de/de/kleine-unternehmen.html
Data protection generator DE and EN
https://dsgvo-muster-datenschutzerklaerung.dg-datenschutz.de/
WordPress Plugin
https://wordpress.org/plugins/shapepress-dsgvo/
Cookie notice script
https://cookieconsent.insites.com/download/
Google Analytics and GDPR
https://drschwenke.de/google-analytics-datenschutz-muster-faq/
Network week dossier
http://www.netzwoche.ch/eu-dsgvo