Did you know that Google is going to start forcing websites to have SSL certificates this summer? Google is trying to get every site safe for visitors to visit and fill out information forms, contact or otherwise (their immediate focus is on sites that have password and credit card fields). Without an SSL Certificate, your site may be flagged as unsafe for visitors to view. SSL stands for Secure Sockets Layer and is the standard for encrypting data sent through websites. It ensures that data passed between browser and server remains private. It also reassures the visitor that your site is safe.
SSLs not only encrypt sensitive information, but they provide protection from hackers. Hackers have recently release malicious codes specifically targeting data moving between browsers and servers.
There are several methods of adding SSL to your website.
How does the new European GDPR affect your online presence? As of May 25th all European companies have to be GDPR compliant, and all companies that interact with EU citizens are expected to be compliant. The penalty for not being compliant is a fine up to 4% of annual revenue. GDPR requires the “right to be forgotten”, 72 hours customer notification of data breaches, and stricter consumer consent.
Again, how does this affect you? According to Article 3 of the new regulations, if you collect any data from someone in an EU country, you are subject to the conditions of the new regulations. If you are collecting data from an EU citizen who is not in the EU, you are not subject to the regulations. Data also refers to any information gathered about a person, including contact forms, meaning, this does not only apply to those who run stores or take payments online.
Yet, if your marketing does not specifically target anyone in the EU, and someone from the EU uses Google to search in English and comes across your site, they are not subject to GDRP.
Convoluted huh? If you are wanting to be on the safe side, add a Privacy Policy, Terms and Conditions, SSL Certificate, and a means of people to request their data be expunged.