GDPR – Privacy notices and security, putting a plan in place.

Of the many factors listed in the GDPR, website privacy and security is something we are implementing for our clients’ websites to make sure each website follows a “best practice” policy.
This checklist highlights steps we are going to take now to prepare our clients for the General Data Protection Regulation (GDPR) which will apply from 25 May 2018. They cover:

  1. Collecting information through website forms
  2. Privacy Policy
  3. Keeping WordPress running the latest version
  4. Vulnerability Updates

Step 1. Collecting data on your website

The ICO says:
“… will need to explain your lawful basis for processing the data, your data retention periods and that individuals have a right to complain to the ICO if they think there is a problem with the way you are handling their data. The GDPR requires the information to be provided in concise, easy to understand and clear language.”
We are going to make it very clear why information is being collected and how it will be used. Here’s an example of how we are going to adjust the forms:

Graphics from (EConsultancy)
Things we need to look at whilst reviewing the website forms
(Direct from the ICO website)

  • Consider whether you actually need to collect information about people. Don’t ask people to login, register or provide their personal details unless you need them to. It is acceptable to ask for this information once people make an enquiry or decide to do business with you.
  • When you collect information about people they should know who you are and what you’re going to do with their information. There should be a clear, prominent explanation of this on your website.
  • You are under a legal duty to keep customer information secure. Ask your IT supplier to give you advice on encrypting information and make sure staff with access to the information are trained to keep it secure and look after it properly.
  • If you use a subcontractor, for example to manage your database, make sure there is a written contract in place that requires them to look after your information properly, including keeping it secure.
  • Ensure that you only collect the information that you use.
  • If you no longer require the information then stop collecting it and dispose securely of any unnecessary information that you may have collected.

Step 2. Privacy Policy

There are some very good examples of how companies are putting privacy policies on their websites. Age UK have a great example of a very clear policy and it includes information about updating your details, security precautions, any transfer outside of Europe and any profiling that may take place. Check it out here.
We are working with all of the companies we deal with to make sure their policies are clearly outlined.

Step 3. Keeping the data that is submitted by users safe.

This is a very important step. Keeping your site patched and running the latest WordPress or WooCommerce versions is going to be very important, because your users have no way of knowing whether the site is up to date. Running an out-of-date version of WordPress could mean that the data transmitted from the site can be used by hackers.

We are also going to make sure all of our websites have SSL certificates so that data passed through the website is encrypted in transit.

Step 4. Vulnerability Updates

Finally, we’ve partnered with the fantastic team behind the WPScan Vulnerability Database to bring you real-time information about which plugins are vulnerable so we can act accordingly.

If you currently aren’t on one of our website and performance packages then please contact us at

Bug testing your website

Our recent survey (see previous blog post) found that as many as half of visitors will leave a website immediately if they encounter a bug – and that will be costing you money.

Cross browser testing

With the incredible pace of technological development today, there is a huge and ever-increasing range of devices and browsers being used by the millions of people surfing the web every minute.
Any one visitor, however, typically browses from a limited number of devices and programs. This means that many website owners are happy with their website but are not aware that it may offer a very different experience for other visitors.
Testing your website on different devices and browsers is not as difficult as you think, and you do not need to have access to every device to do it. There are many useful sites such as and that will help you.

Show me an example

Imagine that your website works perfectly in Google Chrome on a tablet. Assuming you have a Google Analytics account set up with specific goals, you will be able to measure the conversion rate against these goals, for example 10%.
If you were to then examine the same for Internet Explorer 10 and found that the conversion rate was just 5%, you can quickly see that money is being lost.
Let’s say that your average transaction is £25 and you have 200 transactions per month in Chrome with a total value of £5,000. Finding and fixing a simple bug in Internet Explorer could see you increase your monthly income by £2,500. Now repeat that for bugs on a few different browsers.

Trust & credibility

Last but not least, it is worth noting that there are also intangible benefits to having a bug-free website, namely trust and credibility. Whilst it is hard to give these a specific value, they have a huge influence on factors such as conversion, returning customers and also your business image and reputation as a whole.
To learn more about how the team of developers and conversion optimisation experts at Pop Creative can help you generate more revenue from your website, call us now on 01691 662712 or contact us online here for a quick response.
