General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) was implemented on May 25, 2018 in an effort to standardize data protection law across all 28 European Union (EU) countries. This regulation imposes strict rules on controlling and processing personally identifiable information (PII) and applies to all organizations holding and processing EU resident’s personal data, regardless of geographic location. Any organization that monitors the behavior of EU residents must meet GDPR requirements.

Beyond Spots & Dots can assist in the process in making your website GDPR-compliant in the following ways:

Research

Beyond Spots & Dots will conduct all the necessary research to determine exactly how customer data is collected, stored and used on your website. Fines for noncompliance are substantial; therefore, it is important to establish if and how your website will monitor the behavior of EU residents, and ensure your organization meets GDPR compliance requirements.

Application

After the research stage, Beyond Spots & Dots will implement a functionality within your website that will inform the user that their information is being tracked through various third-party applications. We will then manage your organization’s GDPR compliance and abide by all rules within the regulation, such as having your records in order, notifying the supervising authority and data subject about any breach and conducting impact assessments.

Updates

Once your organization is GDPR compliant, Beyond Spots & Dots will develop and consistently update a privacy policy for your website with any new terms and/or conditions pertaining to the regulation. The policy will inform customers of what third-party applications track their data and explain the functionality of the various codes within the tracking systems. We will also present an option to remove their data from the system, should the customer wish that their information and browsing habits not be stored in the database.