On May 25th 2018, the most significant piece of European data protection legislation to be introduced in 20 years came into effect. The General Data Protection Regulation (GDPR) strengthens the rights that individuals have regarding their personal data and seeks to unify data protection laws across Europe.

If your organisation collects or stores any type of personal data, you need to comply with GDPR. Failure to comply could result in a fine of up to €20m or 4% of your annual turnover. To avoid these ramifications, awareness is key.

The first step is to understand where your organisation stands in terms of compliance. This is achieved by conducting an audit of your documentation, technological resilience and organisational awareness.

GDPR Website Audit from £199+VAT

We offer a comprehensive GDPR Website Audit service to ensure sites are compliant.

We will thoroughly review your website, identify gaps and provide detailed recommendations on your data collection, storage and processing policies, in line with key GDPR requirements.

Step 1 – Connect with us

Step 2 – Receive your bespoke proposal

Step 3 – Leave the hard work to us


What’s included?

Detailed Report with Implementation Notes & Recommendations

Privacy Policy Template (inc. Cookies)

Email Marketing / Newsletter Consent Notice Template

Does GDPR apply to me?

If you operate within the EU, and you handle and store personal data (this includes names, email addresses, telephone numbers, payment details and IP addresses), then you have to comply. The regulation applies across the board, irrespective of company size or sector.

The changes required vary depending on the information you collect, how you collect it, who has access to the data and how you intend to use or handle the long-term storage of that data.

 

No exit despite Brexit

GDPR came into effect at a time when the UK was still part of the European Union, and as such the UK adopts all EU legislation. During the transition period, EU laws will be rewritten in line with Britain’s new position, meaning that all UK organisations that collect personal data will have to comply with GDPR.

 

Does my website have to be compliant?

GDPR states that if a website collects, stores or uses personal or special category data, site owners must tell users who they are, why they are collecting data, for how long and who receives it; get clear consent, let users access and export their data, inform users within 72 hours of a breach and let users erase their data.

Whilst not an exhaustive list, this will impact website plugins, privacy policies, cookie policies, forms, comments, Google Analytics tracking, e-commerce, user databases and mailing lists.

 

What about Salesforce, MailChimp etc.?

These systems are classed as third-party data processors because they process data on your behalf. Most, but not all, of these systems are run by US companies who should be going through the process of becoming GDPR compliant, if they have not already done so.

These companies should also be Privacy Shield compliant. The Privacy Shield framework has been co-developed to provide mechanisms to protect the flow of personal data between the EU and the US.

 

Our expertise

Connect has over 24 years’ experience developing bespoke digital solutions.

We are an experienced supplier to the public and private sectors and our solutions comply with industry, government, security and quality standards.
