Scroll

Welcome to our LiveChat! Please press "Start Chat" button to proceed

Start Chat

How to Make a GDPR Compliant Website

In order to keep your MotoCMS 3 GDPR compliant website, you need to keep track of a few main points. The General Data Protection Regulation (GDPR) was adopted in the European Union and became law on May 25, 2018. This rule applies in two key areas: reporting on data violations and protecting design data.

The GDPR influences any organization that conducts business with an organization or an individual of the EU. Organizations outside the EU that collect and process personal data of European citizens are subject to compliance with the law. These tips will help you to make your site GDPR compliant. In case you don't want to do this by yourself and want our specialists to make your site GDPR compliant in 24 hours, you can purchase this service by following this link.

MotoCMS 3 GDPR Compliant Website - Cookie Notification

Cookie Notification informs your visitors that this website collects data for improving the experience. You should go to Settings - Advanced Settings - Activate Cookie Notification. Once ticked, you should see that you are able to customize your Cookies message with the built-in Text Editor.
gdpr1.jpg

"Controls" feature allows you to display "Close" button or "Got It/I agree" button or both of these buttons for your Cookie Notification.
gdpr_001.jpg

If show "Got It" button is selected, you can see that you customize several features for it.
gdpr_002.jpg

"Button Text" - this feature allows you to rename the "Got It" button.

"Button Preset" - this feature allows you to change the appearance of the button by selecting a Preset for it. You can edit presets style in the Design section.

"Size" - this feature allows to choose the size of the "Got It" button.

"Cookies Tracking Time (days)" - this feature allows to set the time to track users' browser cookies after the button click event (365 days largest). After this time, a cookie notification banner will appear to the user again.

You can also choose to show both buttons. The four features that we mentioned before still affect only the "Got It" button, there is no effect on the "Close" button with these features.
gdpr_003.jpg

MotoCMS 3 GDPR Compliant Website  - Agreement Сheckbox 

All your contact forms and newsletter forms (like MailChimp) should have a consent checkbox enabled. With it, you will see if your visitor allows you to save personal data or you should remove it. Select your Contact Form and tick the agreement checkbox.
gdpraudi1.jpg

The * sign allows to make the agreement checkbox mandatory. The visitor won't be able to submit any data through the contact form without agreeing to your terms of use.
gdpraudi2.jpg

The pencil icon allows to edit the Agreement checkbox.
gdpraudi3.jpg

Once clicked, in a new window you can rename the Agreement text to another.
gdpraudi7.jpg

"Enable Text Editor" feature allows you to use a built-in Text Editor for additional modifications.
gdpraudi8.jpg

Here you can add a link to your Privacy Policy page under your forms so it can be handy for your visitors to check if they want. Highlight the text that you want to link to and click on a chain icon.
gdpraudi9.jpg

In a new window, you should select Open URL or Go to Page in the "Link To" field and specify your Privacy Policy page.
gdpraudi10.jpg

As a result, the visitors will be redirected to your Privacy Policy page upon clicking the linked text.

MailChimp has the same properties.
gdpraudi11.jpg

MotoCMS 3 GDPR Compliant Website - Consent Withdraw Opportunity

Additionally, you should think of a way for your visitors to withdraw their consent and ask you to remove their contact data. We can recommend you to create a button or a link that opens a separate page/popup with contact form and by filling in this contact form your visitors can withdraw any consent they gave you earlier. Usually, it is achieved by following these steps:

- First, you need to create a page or popup by using Add Page/Add Popup buttons. We will use popup as an example
gdpraudi12.jpg

- Next, you should name it so it can be understandable for you and your visitors and click on the "Add" button
gdpraudi13.jpg

- Once new page/popup is created you need to design it according to your preferences and add a contact form to it
gdpraudi14.jpg

- You need to set up this contact form to collect all information you need to remove the data you have(for example why you customer wants to remove this information and other questions)
gdpraudi15.jpg

- Once you are satisfied with page/popup design and content, you need to open one of your main pages and add a button widget to it. We recommend to use a home page and it is the most common place where your visitors will look for such action.
gdpraudi16.jpg

- After it you need to set up your button to open a page/popup you have created earlier
gdpraudi17.jpg

We can also recommend you to add your contact details on the Privacy Policy page. This can be an email address of your Data protection officer or a responsible manager. You should identify how long it will take to remove the user's data.

This is only an example on how this system can be set up but you can create your own way for your visitors to withdraw their consent. 

MotoCMS 3 GDPR Compliant Website - Third-Party Software

In case you are using a third party tool  for your GDPR compliant website, you need to make sure that it does not collect any information or it has a specific consent field that needs to be filled in by a visitor. But if third party software is doing something illegal, then it is your business’ responsibility as the Data Controller to make it compatible by adding notifications or switch to other software that does not collect any data without visitors consent.

If you do collect any data from your visitors you should specify in your Privacy Policy the reason why you collect it and how it will be used. MotoCMS templates use cookies to track if visitor opened this website earlier or this is a first time(some widgets are set up to appear only when a page is opened for the first time like automated popup notifications) and it does not contain any personal data in it.

You can use Google Analytics and Google Webmasters to analyse your website and activity on it. Google Webmasters does not collect any visitor data at all. While Google Analytics collects only anonymous information that does not contain any personal data of the visitor so it does not contradict the GDPR law.

Have more questions? Submit a request

Comments