Importance of Privacy Policies and Compliance
At its core, GDPR Compliance means an organization that falls within the scope of the General Data Protection Regulation (GDPR) meets the requirements for properly handling personal data as defined in the law.
The GDPR outlines certain obligations organizations must follow, which limit how personal data can be used. It also defines eight data subject rights that guarantee specific entitlements for individuals’ personal data, ultimately giving individuals more autonomy over their personal information and how it is used.
Websites must comply with the following GDPR cookie requirements:
- Prior and explicit consent must be obtained before any activation of cookies (apart from whitelisted, necessary cookies).
- Consents must be granular, i.e., users must be able to activate some cookies rather than others and not be forced to consent to either all or none.
- Consent must be freely given, i.e., it must not be forced.
- Consents must be as easily withdrawn as they are given.
- Consents must be securely stored as legal documentation.
- Consent must be renewed at least once per year. However, some national data protection guidelines recommend more frequent renewal, e.g., 6 months. Check your local data protection guidelines for compliance.
Typically, GDPR cookie compliance is achieved on websites through cookie banners that allow users to select and accept certain cookies for activation rather than others, when visiting a site.
People’s Privacy Rights
You are a data controller and/or a data processor. But as a person who uses the Internet, you’re also a data subject. The GDPR recognizes a litany of new privacy rights for data subjects, which aim to give individuals more control over the data they loan to organizations. As an organization, it’s important to understand these rights to ensure you are GDPR compliant.
Below is a rundown of data subjects’ privacy rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
7 Key Principles of GDPR
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Storage limitation
- Integrity and confidentiality (security)
Is your website following the ADA compliance standards?
ADA compliance is short for the Americans with Disabilities Act Standards for Accessible Design. What that means is that all electronic information and technology—i.e., your website—must be accessible to those with disabilities.
ADA compliance is often confused with 508 compliance. However, ADA compliance differs in that it’s more of a civil law that mandates the inclusion of all people, especially those with disabilities, in all areas of public life. That includes the workplace, schools, transportation, and any other places open to the general public. ADA and Section 508 have the same goals, but Section 508 is only applicable to Federal procurement.
The two compliance regulations also work alongside the Web Content Accessibility Guidelines (WCAG). The WCAG, however, is more of a set of formal guidelines used to improve accessibility. The focus of WCAG is primarily HTML accessibility throughout all platforms.
Because ADA applies to all electronic information and technology, i.e., the World Wide Web and all its websites, ADA compliance applies to virtually all businesses and web developers. To be more specific, ADA compliance applies to the following:
- State and local government organizations
- Private organizations that have 15 employees or more
- Places of business that would be considered a place of public accommodation (Title III)
- Organizations that work for the public’s benefit (i.e., public transportation, schools, restaurants, bakeries, grocery stores, hotels, banks, accountant offices, law offices, social service centers, gyms, healthcare providers, the United States Postal Service, and so on)
If your website isn’t ADA compliant, you’re at risk for a hefty lawsuit. Even if you unintentionally skipped the guidelines provided by the U.S. Department of Justice, you could still end up paying thousands of dollars in lawsuits if your website isn’t accessible to everyone.
In addition to a lawsuit, you’ll also be facing the following for being non-compliant with ADA compliance standards:
- Legal fees
- A possible settlement
- A possible public relations problem
- The costs involved in rebuilding your website so that it’s ADA compliant
In addition to all of the above, you run the risk of losing customers for not making your website accessible to those that are disabled.
Need Help Becoming Compliant?
For some, ADA compliance means overhauling your entire website to ensure that the accessible alternatives are built into its HTML coding. It is also a way to make your organization inclusive to all, which means more business and a better reputation. If you need help getting started, contact Faceless Marketing today. We specialize in accessibility compliance services, and we’ll have you at the highest level of protection in no time!