
Is your website GDPR compliant?

With the General Data Protection Regulation (GDPR) coming into effect on 25th May 2018, it’s important you know how to make your website GDPR compliant.

This new law is designed to offer individuals greater protection in respect of their personal data whether as an employee, a customer, a supplier or a potential client. The new law applies to businesses or organisations in the European Union. Those outside the EU who offer goods and services (whether paid or not) to people living within the EU, or monitor their behaviour, must also comply. GDPR becomes the global standard for data protection.

You can use this great checklist to help you get your business ready for the new GDPR regulations: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf

 

Website changes

Disclaimer: I am not an expert on GDPR but have made the following changes to clients’ websites following their requests. I have done a lot of my own research and consequently made all of these changes to my site in an effort to be GDPR compliant. I accept no responsibility for any consequences you have following this advice; you should always do your own research. 

 

What do the regulations mean for your website?

Essentially, you need to be transparent about how you process and use personal and sensitive data.

 

1. Update privacy and cookies policies

GDPR will mean you’ll need to have clear statements and policies in place with regards to data processing within your business or organisation.

You’ll need to inform your website visitors what sort of data is being collected from them, what it’s used for and how it is stored. Most of this can be covered off in a detailed privacy policy. You should already have one of these on your website so in most cases it will just be a case of updating it.

You should always tailor a privacy policy to your specific business. There are lots of templates out there, but it’s important that the information is all correct and relevant to your website specifically. You can also find mine here to get an idea of the information you need to include.

 

Google analytics

Here is an extract from a GDPR compliant website privacy policy statement with relation to the use of Google Analytics. It clearly explains what type of data gathering this is (visitor tracking), what it is used for and how to opt out if you wish:

"Like most websites, this site uses Google Analytics (GA) to track user interaction. I use this data to determine the number of people using my site, to better understand how they find and use my web pages and to see their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google does not grant us access to this. I consider Google to be a third party data processor.

GA makes use of cookies, details of which can be found on Google’s developer guides. My website uses the analytics.js implementation of GA. User and event data is held on Google servers for 38 months. You can read more about Google Analytics Data Retention here.

Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website."

 

Contact and sign-up forms

You need to document your internal policies for processing and erasing the data you keep.

 

Other privacy policy requirements

You also need to provide users with a way to withdraw consent and purge personal data collected on them; i.e. the ‘Right to Be Forgotten’. The easiest way to do this is to have a dedicated email (gdpr@domainname.co.uk, for example) for them to get in contact with you.

You’ll need to appoint a Data Protection Officer for your business whose job it is to manage these requests alongside other GDPR-related admin.

It is also a requirement of GDPR that you verify requests to remove or edit data via email. The easiest way to manage this is to ask your customers/users to send their email to you using the email account that they subscribed/enquired with so you can verify their identity and right to edit the data you hold.

 

2. Add a cookies banner to your site

What are cookies?
When you visit a site that uses cookies for the first time, a cookie is downloaded to your browser. The next time you visit that site, your browser will check to see if it has a cookie that is relevant and send the information contained in that cookie back to the site. The site then ‘knows’ that you have been there before. It helps to load your pages faster if it remembers the information from a previous visit.

Your site collects information through cookies every time someone visits (visitors can turn cookies off in their browser). To remain transparent under the new GDPR regulations, you need to add a banner to ensure that people are aware of the information that you’re collecting when they are on your site. This should have a link to your updated policies and a continue button.


 

3. Contact and sign-up forms compliance

People will need to confirm that they have read and agree to your terms and conditions before proceeding to submit the form. It will no longer be acceptable to use pre-populated check boxes (check box already ticked).

 

Note that the Google reCAPTCHA is not a GDPR requirement but helps to ensure that your new subscribers are real people, not robots.

 
 

...to streamline the design process: tips and tricks


I love being a freelancer because you get to do everything from drawing to full development and design and I even love the business side of it! This does mean, however, that time is money... literally.

 
 

Here are a few shortcuts and tips to streamline and automate the tasks that don't require you to spend hours for a great design:

 

Pindown

Problem: As designers, we spend (way too many) hours on Pinterest. I love this part of the design process and I actually believe that it's so important for inspiring you. I'll create a board on Pinterest and download the images to design a moodboard for my client. However, saving each individual picture from your board will take you ages to do manually!

Solution: downloading the FREE Chrome extension 'Pindown' is a life saver. You simply click the little icon at the top of the board you want and it will download each individual image on that board! AMAZING.

 

Illustrator scripts

Scripts are a great time-saving tool for designers. There are some amazing free scripts that you can find to solve all manner of Illustrator sins. They really can save a huge amount of time and it's well worth searching for ones that can streamline your own process. 'John Wundes' and 'Hiroyuki Sato' are both leading developers in creating great free scripts. Here are a few that I really cannot do without:

- Export each layer as a separate file
- Reset image to horizontal position
- Merge overlapping anchors

 

Photoshop Etiquette
 

 
 


Check out this amazing website, all about the best Photoshop practices: Photoshop Etiquette. The guides are easy to read; some of the tips may seem obvious, but they may get you to actually start implementing some of the practices. My favourite few:

- Always use masks for your layers - never edit directly onto a layer.
- Rename all of your layers and group them to keep your Photoshop files clean. This will save time if you re-visit a file months later.


 