4 Steps to Make Your Website GDPR Compliant

The European Union released new rules related to data privacy, which came into effect on the 25th of May, 2018. You might have noticed a massive number of websites asking you to accept their cookie policies, and many Terms of Service and Privacy Policy updates flooding your inbox. All of this is because of the introduction of the GDPR.

What is GDPR?

GDPR (General Data Protection Regulation) essentially protects EU citizens from data breaches and privacy misconduct. The new regulation requires organizations to provide EU citizens with information and transparency about how their data is stored and collected. EU citizens also have the right to have their information removed from the database of organizations.

Why is GDPR important?

Wherever your business is located, any association with EU citizens means that you are affected by the GDPR. Hence, it is crucial to ensure that your website is GDPR ready so that it can serve EU citizens.

How to start?

Make sure that you go through the steps below in order to make your website GDPR ready.

1. Create a Privacy Policy

Businesses targeting EU citizens need to:

  • Create a Privacy Policy
  • Make sure that the Privacy Policy is written in concise and clear language
  • Make sure that the Privacy Policy is easy to access on the website

If you do not have a Privacy Policy for your website, create one using this Privacy Policy tutorial.

After creating the policy, make sure that you copy the policy to a page on your website, and link to the page from your cookie notification banner and the footer.

2. Add cookie notifications

The GDPR requires websites that receive traffic from the EU to get the visitor’s consent to use cookies. You can customize your cookie notification and display it on your website until the site visitor accepts your policy using this step-by-step tutorial.

3. Add user agreement fields to contact forms

GDPR requires you to obtain consent whenever you collect data from the visitors of your website. You should obtain consent for everything you collect, including contact information, names, email addresses, etc. To do so, all websites with EU traffic must have a field in contact forms or email list sign-ups where users can provide consent when giving information to you.

You can let your site visitors give consent through a user agreement field. Learn how to add this agreement field to all your forms from here.

4. Add Terms of Service

If you have an online store, you also need your customers’ consent to process their data. You should have Terms of Service documentation in your checkout so that users can give their consent when processing orders. Learn how to add Terms of Service to your online store.

Note: This article should only serve as a guide to give you a basic idea about GDPR compliance. This article should not be taken as legal advice; consult your attorney for more details about GDPR compliance.


For further questions, or if you need help, please open a support ticket from your HostPapa Dashboard. Click here to learn how to do it.
