Get Ready for GDPR

May 7, 2018

What is GDPR?

We live in an age where the security of user data – what is both provided and collected – is becoming increasingly important. And measures are being taken to ensure that companies comply with best practices.

On May 25th, 2018, the General Data Protection Regulation (GDPR) will go into effect. GDPR is a European Union (EU) law that affects all companies that offer goods or services to EU subjects – even if that company has no physical presence in the EU.

The law puts limits on how personal data is collected, stored, shared, and made available. Fines for non-compliance with GDPR can be up to 20 million euros or 4% of a company’s annual global turnover – whichever is larger.

With severe financial repercussions at stake, it’s important to be familiar with the upcoming implementation deadline for the new GDPR, and ways that you can prepare.

What tools are available to prepare for GDPR?

PwC – a professional services consulting firm in the UK – has a great portal explaining more about the regulation.

One of the best breakdowns for the GDPR journey – and GDPR readiness – are five distinct phases identified by PwC, which can be found about halfway down their page.

PWC GDPR steps


    • Conduct a Readiness Assessment: Gather information to assess your organization’s current GDPR compliance maturity, and to help understand your critical legacy risks.


    • Find Remediation Gaps: Identify existing privacy capabilities and the work that needs to be done to bring your organization into GDPR compliance.


    • Establish Oversight: Put your organization’s ongoing GDPR governance structure and model in place to coordinate and implement your remediation activities.


    • Implement Your Program: Get your GDPR program off the ground, remediating gaps and establishing a privacy program.


    • Conduct Operation & Monitoring: Once GDPR is in effect and your program is in place, conduct ongoing compliance to drive continued accountability.


While the phases may seem complicated, Microsoft has a free assessment tool that ties closely to the Discovery step, providing high-level evaluation of a company’s GDPR readiness. IBM also has a portal about GDPR readiness for those interested in another set of resources and assessment tools.

If you’re interested in diving into the full text of the GDPR, you can find more in-depth information here.

Can Fresh offer my company assistance and consultation in preparing for GDPR?

Absolutely. After you understand your GDPR readiness and are ready to move on to planning, taking action, and monitoring your ongoing compliance, Fresh can offer guidance. While we are not attorneys and cannot certify compliance with the GDPR, we understand the design and development considerations surrounding GDPR.

Key considerations include obtaining clear consent for personal data processing, clearly defining your data policy in plain language, the ability to receive and respond to data correction, erasure, and transfer requests, and more.

As the data privacy movement gains momentum, it’s important for companies to be prepared. If you’d like to talk more about how your website or web application can be more GDPR compliant, we’d be happy to help!

You might also like...



5 Ways to Simplify Your Writing for the Web

When we’re designing high-end user experiences, our primary focus is usability. What’s the best way for users to reach their goals? How do we iron out the wrinkles, decrease friction, and create experiences that sing? There are many approaches. One that is often overlooked is simplifying your writing. Whether you’re writing short-form website copy, or … Continued

...continue reading



5 Tips for Refreshing Website Copy

Whether you’re embarking on a full website refresh or only updating a page or two, it’s tempting to assume that your site copy can move directly over to a new design with little or no editing. In cases of small sites or well-curated site content, that can work out just fine. For larger websites that … Continued

...continue reading



Search Engines Are Your First Impression (Use SEO to Make Them Count!)

We all know that first impressions are critical. But, when it comes to websites, when exactly do businesses make their first impression? The World Wide Web is much like an industry conference, with hundreds (thousands?) of companies just like yours vying for customer attention. At a conference, you come prepared with business cards that have … Continued

...continue reading