GDPR Website compliance – Is Yours Compliant?

GDPR website compliance is just part of the GDPR compliance landscape for organisations and the deadline is May 25th, 2018, which is already less than six months away. Ideally, your brand website should already be compliant with its requirements. If not, you still have time on your side, but you need to work quickly.

GDPR has was approved by the EU Parliament on 14th April, 2016, meaning that, come May 25th 2018, companies will have had slightly over two years to prepare for its introduction.

However, new research, commissioned by Ensighten and conducted by Sapio Research, indicates that currently only 58% of brand websites are actually GDPR compliant and only 28% of marketers surveyed expected their websites to be compliant by the deadline.

The two key reasons given were the difficulty of managing multiple suppliers (31%) and marketing complexity (31%). These were followed by the challenges of understanding vendor compliance issues (25%).

Rather alarmingly, less than half of marketers understand that they are responsible for data collection across all digital channels, including those run by suppliers.

What’s more, in spite of the fact that over half of marketers (wrongly) believe that they have delegated GDPR compliance to their suppliers, less than half of them (43%) have actually had conversations with their vendors on the subject of GDPR compliance and its implications for their online marketing activities.

While three quarters of marketers surveyed were able to identify, correctly, that payment details, phone numbers and physical addresses were all examples of personal data, that still means that a quarter of marketers failed to identify arguably some of the clearest examples of personal data.

Interestingly, 78% of marketers were able to identify emails as an example of personal data. That is, admittedly, a slight improvement, but it’s still rather concerning that over a fifth of marketers still got that wrong.

Half of the marketers surveyed indicated that they lacked clarity about what the legislation meant for them and were unclear about who in their organisation held the responsibility for ensuring compliance.

The first point is entirely understandable; legislation can be difficult for non-lawyers to understand so it’s hardly a surprise that almost half (48%) of those surveyed indicated that they did not believe their teams were fully aware of the implications of GDPR.

This is presumably why over a fifth (22%) of companies have chosen to hire a GDPR specialist, dedicated to this particular area, while almost a quarter (24%) have felt the need to invest in appropriate training for their employees to ensure that they have the requisite skills in-house.

Even though over three quarters (76%) of marketers saw GDPR as a challenge and almost half (46%) believe that it has the potential to decrease their marketing revenue, a substantial two thirds of marketers still thought it presented a strategic opportunity for business.

Likewise, 75% believe that GDPR will modernise their approach to customer interaction and engagement and 68% think it will encourage improvement in how they harness big data.