WebAuthorings
Web Design & Development
Phone: 862.377.9060

Urgent Updates Notice For Your Website

Hi everyone,

It’s been a while since I’ve sent a newsletter, and this one is extremely important and will affect you and your website.

You’ve probably been receiving emails like I have been from every major and minor company you either do business with or have an account with regarding new policy and privacy updates. This is because of a new regulation called GDPR that affects anyone with a website that collects information such as an email address or stores a cookie. Everyone is starting to get in line and I’m sure we will see lawsuits start to kick in later this year for those that are not compliant.
 
The EU’s new data privacy law, the General Data Protection Regulation, goes into effect on May 25, 2018, and applies not only to EU-based organizations but also to anyone who has customers or contacts in the EU. What constitutes a contact at the lowest level is anyone who sends you an email or comes to your website from the EU. 

We’re excited to announce that new tools are available to make your GDPR preparations easier. 

I am in the final stages of implementing solutions for my own websites which we are just in the early stages of rolling out to our clients hosted with us. There’s quite a bit to do to make your website GDPR compliant. Ultimately, website owners that are not GDPR compliant can face large fines that can be enforced. 

FAQs
What is GDPR?
This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.

The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.

How do Businesses benefit from GDPR?
Build stronger customer relationships and trust
Improve the brand image of the organization and its brand reputation
Improve the governance and responsibility of data
Enhance the security and commitment to the privacy of the brand
Create value-added competitive advantages

When is the GDPR coming into effect?
It will be enforced on May 25th, 2018.

Who does the GDPR affect?
The GDPR applies to all EU organizations – whether commercial business, charity or public authority – that collect, store or process EU residents’ personal data, even if they’re not EU citizens.

The GDPR applies to all organizations located within the EU, whether commercial business, charity, public authority or institution, that collect, store or process EU citizen data. It also applies to any organization located outside of the EU that collects, stores or processes EU citizen data.

What is considered personal data?
The GDPR defines personal data as any information or type of data that can directly or indirectly identify a natural person’s identity. This can include information such as Name, Address, Email, Photos, System Data, IP addresses, Location data, Phone numbers, and Cookies.

For other special categories of personal data, there are more strict regulations for categories such as Race, Religion, Political Views, Sexual Orientation, Health Information, Biometric and Genetic data.

What are the penalties for non-compliance?
Organizations can be fined up to 4% of annual global turnover or €20 million for breaching GDPR. This is the maximum fine that can be imposed for the most serious infringements.

There is a tiered approach to the fines whereby a company can be fined 2% for not having their records in order (Article 28), not notifying the supervising authority and Data Subject about a security breach or for investigating and assessing the breach.

Can’t I just ignore GDPR?
Put simply, no, you can’t. A business is a business, no matter how small and these measures will apply to everybody. There is, however, a difference between the types of record-keeping duties between small and large businesses.

Having fewer than 250 employees in your company means you must have records of your data processing activities if the data relates to criminal offenses or someone’s privacy rights.

Those with more than 250 employees must keep much more detailed records, but as a small business, you might still have to keep in-depth files if you are dealing with highly sensitive or personal information. You are only exempt if you only process personal information from EU residents sporadically.

Do I really need to employ a data protection officer for my business?
Maybe. It all depends on what personal information you collect and the amount of data, rather than the size of your business. A group of organizations can employ one data protection officer, as long as that officer is fully available, when needed, to meet the demands of all the organizations.

Where can I learn more about GDPR?

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

On top of this, Google is enforcing having Secure Sockets Layer (SSL) turned on for every page of a website. When you buy something or go to a page where you will be transmitting sensitive information, the http://website.com turns to https://website.com. The “s” stands for secure. It simply means the website is securely encrypting the information that is passed through it.

So what does all of this mean?

For the world it means safer and more secure regulations concerning your privacy and the way data is handled.
If your website is not running SSL throughout, the Chrome browser will scream to your visitors that you are not running in a secured mode and your website is dangerous. It means that if someone reports your website as not GDPR compliant, you will be fined. For WebAuthorings it means an incredible amount of work that goes into just one website to make it secure and compliant. I’ve been experimenting with WebRETAKE.com. Most of the parameters are now in place. It took about 5-7 hours to make it compliant on every level including SSL. This was after weeks of research and reading. I’m still tweaking some of the things put into place. 

The deadline for having your site GDPR compliant is May 25, 2018. Because we have smaller websites we can run under the radar for a little while, but I really don’t suggest you delay in having your website ready for these global changes. With close to 100 active web clients, I would much rather not have to go through these changes, but it is necessary and the cost of being compliant is far less than the penalties that can be brought against you.  
To do both SSL and GDPR Compliance the cost will be $495. You can, of course, opt not to do either. If you choose not to comply with the current regulations, I will need you to sign off on a refusal statement acknowledging that you have turned down our services in making your website compliant and secure and that WebAuthorings, its affiliates, partners, employees and third-party companies will not be liable or responsible in any way if your website is non-compliant with current industry regulations. 

Click here to access the GDPR Refusal Form

If you have multiple websites with us as some of you do, we will discuss a multi-site package for these changes.

Unfortunately, if your website is not running on the WordPress platform, we will not be able to help you with these new rules and regulations. If you would like us to recreate your current website within the WordPress environment, we can do this and will include making your website GDPR compliant and secure as part of the process. 

Here is what we will do for your updates:

  1. Create the SSL environment to secure your entire website
  2. Create a new Privacy Page that includes information on personal data, forms, cookies, third parties affiliated with your website
  3. Install an app that forces the new privacy page to appear before a visitor can use your website.
  4. Install and configure an app that integrates with Gravity Forms, Comments, and WooCommerce which adds a checkbox to every form where data is collected.
  5. Create the request forms for:
    Your Privacy Preferences, Request deletion of your account, Register a formal complaint, Request your data export. (May take up to 72 hours), Request data rectification.
  6. Creation of a footer banner that explains cookies and a sign-off that the user will either accept them or not.

I expect calls and emails from many of you concerning the changes. It doesn’t matter where you are hosted. If you are the website owner and operator you will be responsible for the changes. 
 

Best regards,
~ Howard & The Staff
WebAuthorings
https://webauthorings.com
973.657.0447

9 Raven Ct
West Milford, NJ 07480

Copyright © 2018 WebAuthorings, All rights reserved. 

Copyright © 1998-2020 All Rights Reserved.

Designed by WebAuthorings.

Privacy Policy Updates

Who we are

WebAuthorings, LLC

Address:

9 Raven Ct
West Milford, NJ 07480 
US

By Phone: 973.657.0447

By Text or WhatsApp:
Name: Howard Baltus
Phone: 862.377.9060

Facebook PM: howard.baltus

By Email: 

Quick Contact

Our website address is: https://www.webauthorings.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

In most cases, your name, email, phone number and any comments are emailed to a recipient who manages this website. At times, additional information may be requested on the form you submit to us. This same data is stored on our website as a backup in case the email fails to send, which can happen on occasion.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Further information on how to accept a cookie or block a cookie can be found at the link below:
https://www.webauthorings.com/how-to-block-accept-cookies/

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

Your personal data is never shared with other companies or sold. It is used only by our team and members of our staff within our environment.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

In most cases, your name, email, phone number and any comments are emailed to a recipient who manages this website. At times, additional information may be requested on the form you submit to us. This same data is stored on our website as a backup in case the email fails to send, which can happen on occasion.

Additional information

At times, additional information may be requested on the form you submit to us. This same data is stored on our website as a backup in case the email fails to send, which can happen on occasion.

How we protect your data

Our website uses secure encryption to secure all of our data. We have commercial software as well as proprietary software running on all of the servers where this website is hosted. We have security apps running on the website level as well that help fend off the bad guys and alert us to hack attempts. We also employ the services of a third-party Content Delivery Network, which is the third level of defense against attackers.

What data breach procedures we have in place

  1. In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
  2. The processor shall notify the controller without undue delay after becoming aware of a personal data breach.
  3. The notification referred to in paragraph 1 shall at least:
    a. describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
    b. communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
    c. describe the likely consequences of the personal data breach;
    d. describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
  4. Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
  5. The controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. That documentation shall enable the supervisory authority to verify compliance with this Article.

What third parties we receive data from

We use Google Analytics to track traffic to our website. Slimstats is also used for traffic information. We utilize Who’s Online to see the users currently on our site and what area they are arriving from.

What automated decision making and/or profiling we do with user data

No automated decision making is done; we simply analyze where traffic is coming from in order to see if our marketing ideas are working well. To see a list of technologies used within this website: https://builtwith.com/webauthorings.com

Industry regulatory disclosure requirements

Your Privacy Preferences



Request deletion of your account.



Request data rectification.



Register a formal complaint.



Request your data export. (May take up to 72 hours)