WEBSITE COMPLIANCE
Is your website EPrivacy/GDPR(Cookie) Compliant?
Website compliance is a priority area for your organisation’s data compliance needs. Ensuring data protection compliance, and data protection transparency notices for your users is essential. Keeping your website cookies compliant with the relevant legislation is vital.
Free Website Compliance Scan
Data Laws
The General Data Protection Regulation (GDPR) and the ePrivacy Directive 2002 (as amended) and the ePrivacy Regulations 2011 (which transpose the ePrivacy Directive 2002 into Irish law) affect how you as a website owner may use cookies and online tracking of visitors from the EU.
Your Website
Your website is required under the EU’s E Privacy Directive and the General Data Protection Regulation (GDPR) to let users control the activation of cookies and trackers that collect their personal data.
Irish DPC
On April 6, 2020, the Irish Data Protection Commission (the “DPC”) published a report summarizing the DPC’s findings following a cookie sweep of select websites across a range of sectors, as well as a new guidance note on the use of cookies and other tracking technologies.
Consequences for Non Compliance
There are two tiers of administrative fines that can be levied as penalties for non-compliance:
- Up to €10 million, or 2% annual global turnover – whichever is higher.
- Up to €20 million, or 4% annual global turnover – whichever is higher.
5 of the of most common mistakes on business websites when it comes to cookies
- Deploying a generic cookie notice with only an “accept all” button for cookies, and no ability to continue to use the site when the user has not agreed.
- Soliciting advice from website designers who are not always fully versed in data protection legislation when it comes to controlling the use of cookies on their domains.
- Applying a cookie policy page to their website but failing to update it when changes occur.
- Connecting 3rd party services to their websites, such as Facebook or Instagram feeds, whilst not taking into account their impact on data protection and cookies.
- Prioritising systems like Google Analytics ahead of their visitors’ data protection rights and their website’s compliance with data protection legislation.
Three months on from the Data Protection Commission’s (DPC) October 5th deadline for cookie compliance, most Irish businesses remain exposed to penalties and fines because their cookie strategy does not meet the ePrivacy Directive and the GDPR compliance and consent standards. This is according to a team of three expert organisations, Chalmin Data Protection Consultants (data protection consultants), Baycloud Systems (compliance tracking software) and iSeek.ie (website development agency), which have come together to help small-to-medium sized enterprises, which they say are grappling with the new requirements.
Baycloud has developed a fast and free online audit tool to scan your website and immediately identify whether or not it complies with the law. This tool is now available for the public on the Chalmin Data Protection Consultants website.
For those simply interested in where their data goes when they land on the website of their favourite news outlet or online store, the scanner can be used to discern the best practices and worst offenders on the web. The tool identifies the number of user identifying tracking cookies deployed by a website, and a comprehensive list of the companies that become a third party in processing your data when you make use of a service online, alongside a number of other metrics.
Compliance Experts Team Up to offer a One Stop Shop to Avoid the Wrath of the DPC
Team
Partners in Privacy Protection
“We recently saw the data protection regulator in France (CNIL) slap huge fines on big tech companies Google and Amazon for breaching the rules. And while you might argue that these huge conglomerates have the finances to be able to assimilate such penalties, it brings into sharp focus the detrimental affect such fines could have on smaller businesses – and it’s these that we are most concerned about.”
Gail Chalmin
Chalmin Data Protection Consultants
“The DPC are now following through and are really clamping down on any organisation that does not meet the compliance standards that have been put in place. Anecdotal evidence has suggested to us in recent months that there are huge numbers of businesses whose cookie policies still are not up to scratch.
We have developed a platform whereby a business can quickly scan their site and receive all the advice and instructions they need to become fully compliant.”
Mike O’Neill
Co-founder & CTO of Baycloud
“Cookies are not the enemy and, for many businesses and consumers alike, they fulfil a requirement that is very much needed for the delivery of excellent service. But it’s how an organisation implements their use that can cause problems.”
Liam Coyle
Managing Director at iSeek.ie